sampsonfornor.blogspot.com/2022/05/what-is-controlled-by-side-dial-on.html
301 Moved Permanently 220 B URL HTTP/1.1 sampsonfornor.blogspot.com/2022/05/what-is-controlled-by-side-dial-on.html
IP
File type HTML document text\012- HTML document text\012- HTML document text\012- HTML document, ASCII text
Hash f6a7fa44de5d28959c807f025639b45b
e33d01e9aeb2a7864f234777cc98dd2d3bfed5b7
fcd68c3d764319197e5819c5f8c9dcad89aa45c4d8f1bb55da9a49682294d2e8
GET /2022/05/what-is-controlled-by-side-dial-on.html HTTP/1.1
Host: sampsonfornor.blogspot.com
User-Agent: Mozilla/5.0 (X11; Linux x86_64; rv:96.0) Gecko/20100101 Firefox/96.0
Accept: text/html,application/xhtml+xml,application/xml;q=0.9,image/avif,image/webp,*/*;q=0.8
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate
Connection: keep-alive
Upgrade-Insecure-Requests: 1
HTTP/1.1 301 Moved Permanently
Location: https://sampsonfornor.blogspot.com/2022/05/what-is-controlled-by-side-dial-on.html
Content-Type: text/html; charset=UTF-8
Content-Encoding: gzip
Date: Tue, 27 Sep 2022 12:56:30 GMT
Expires: Tue, 27 Sep 2022 12:56:30 GMT
Cache-Control: private, max-age=0
X-Content-Type-Options: nosniff
X-Frame-Options: SAMEORIGIN
Content-Security-Policy: frame-ancestors 'self'
X-XSS-Protection: 1; mode=block
Content-Length: 220
Server: GSE
r3.o.lencr.org/
200 OK 503 B IP
ASN #20940 Akamai International B.V.
Hash d2560f62890e75b8de444fed96c22f52
334ce0c48e606ee029f31eeb1463af87b1024bb9
4397e6b45b5822fbab9b83abe0b96ee70efba7cd2160b51936159865ede5fdb1
POST / HTTP/1.1
Host: r3.o.lencr.org
User-Agent: Mozilla/5.0 (X11; Linux x86_64; rv:96.0) Gecko/20100101 Firefox/96.0
Accept: */*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate
Content-Type: application/ocsp-request
Content-Length: 85
Connection: keep-alive
Pragma: no-cache
Cache-Control: no-cache
HTTP/1.1 200 OK
Server: nginx
Content-Type: application/ocsp-response
Content-Length: 503
ETag: "4397E6B45B5822FBAB9B83ABE0B96EE70EFBA7CD2160B51936159865EDE5FDB1"
Last-Modified: Sun, 25 Sep 2022 18:00:00 UTC
Cache-Control: public, no-transform, must-revalidate, max-age=6806
Expires: Tue, 27 Sep 2022 14:49:56 GMT
Date: Tue, 27 Sep 2022 12:56:30 GMT
Connection: keep-alive
firefox.settings.services.mozilla.com/v1/
200 OK 939 B URL HTTP/1.1 firefox.settings.services.mozilla.com/v1/
IP
File type JSON data\012- , ASCII text, with very long lines (939), with no line terminators
Hash 2d12f67fe57a87e7366b662d153a5582
d7b02d81cc74f24a251d9363e0f4b0a149264ec1
73c273c0b5a2de3cb970b8e8c187999d3b55e760dc7766dab4bb76428d19b551
GET /v1/ HTTP/1.1
Host: firefox.settings.services.mozilla.com
User-Agent: Mozilla/5.0 (X11; Linux x86_64; rv:96.0) Gecko/20100101 Firefox/96.0
Accept: */*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
Connection: keep-alive
Sec-Fetch-Dest: empty
Sec-Fetch-Mode: cors
Sec-Fetch-Site: cross-site
HTTP/1.1 200 OK
Content-Type: application/json
Content-Length: 939
Connection: keep-alive
Access-Control-Allow-Origin: *
Access-Control-Expose-Headers: Content-Length, Backoff, Content-Type, Retry-After, Alert
Cache-Control: max-age=3600
Content-Security-Policy: default-src 'none'; frame-ancestors 'none'; base-uri 'none';
Date: Tue, 27 Sep 2022 12:15:30 GMT
X-Content-Type-Options: nosniff
X-Cache: Hit from cloudfront
Via: 1.1 bb1da7862c4968b28920b91b324095c0.cloudfront.net (CloudFront)
X-Amz-Cf-Pop: OSL50-C1
X-Amz-Cf-Id: m0vKIqh5FSLQKY-7TD3FFXCZjTyEA1rUTmR85fHmUqk8dDjK28SD9w==
Age: 2460
content-signature-2.cdn.mozilla.net/chains/remote-settings.content-signature.mozilla.org-2022-10-30-18-47-44.chain
200 OK 5.3 kB URL HTTP/2 content-signature-2.cdn.mozilla.net/chains/remote-settings.content-signature.mozilla.org-2022-10-30-18-47-44.chain
IP
File type PEM certificate\012- , ASCII text
Hash 6113f8408c59aebe188d6af273b90743
7398873bf00f99944eaa77ad3ebc0d43c23dba6b
b6e0cc9ad68306208a160f3835fb8da76acc5a82d8fde1da5a98e1de1c11a770
GET /chains/remote-settings.content-signature.mozilla.org-2022-10-30-18-47-44.chain HTTP/1.1
Host: content-signature-2.cdn.mozilla.net
User-Agent: Mozilla/5.0 (X11; Linux x86_64; rv:96.0) Gecko/20100101 Firefox/96.0
Accept: */*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
Connection: keep-alive
Sec-Fetch-Dest: empty
Sec-Fetch-Mode: no-cors
Sec-Fetch-Site: cross-site
HTTP/2 200 OK
content-type: binary/octet-stream
content-length: 5348
last-modified: Sat, 10 Sep 2022 18:47:45 GMT
content-disposition: attachment
accept-ranges: bytes
server: AmazonS3
date: Tue, 27 Sep 2022 09:24:14 GMT
etag: "6113f8408c59aebe188d6af273b90743"
x-cache: Hit from cloudfront
via: 1.1 f66e3db0f0449307dba3fbf72bbf3bac.cloudfront.net (CloudFront)
x-amz-cf-pop: OSL50-C1
x-amz-cf-id: Rb6Xff93pInAetVLZnwhmw0CTGZUf696K-6mMD5bkpSlSksudD5zPg==
age: 12737
X-Firefox-Spdy: h2
ocsp.pki.goog/gts1c3
200 OK 471 B IP
Hash c7ea09de6e63af53ed131169fd56eb1d
439eefa30aa1e3a5ee21b1981deb39328289c98d
938e772fbea16de4c0976358ff8b7b607dcdb21a3af63220beaa66cc77d89c71
POST /gts1c3 HTTP/1.1
Host: ocsp.pki.goog
User-Agent: Mozilla/5.0 (X11; Linux x86_64; rv:96.0) Gecko/20100101 Firefox/96.0
Accept: */*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate
Content-Type: application/ocsp-request
Content-Length: 83
Connection: keep-alive
Pragma: no-cache
Cache-Control: no-cache
HTTP/1.1 200 OK
Content-Type: application/ocsp-response
Date: Tue, 27 Sep 2022 12:56:30 GMT
Cache-Control: public, max-age=14400
Server: ocsp_responder
Content-Length: 471
X-XSS-Protection: 0
X-Frame-Options: SAMEORIGIN
contile.services.mozilla.com/v1/tiles
200 OK 12 B URL HTTP/2 contile.services.mozilla.com/v1/tiles
IP
File type JSON data\012- , ASCII text, with no line terminators
Hash 23e88fb7b99543fb33315b29b1fad9d6
a48926c4ec03c7c8a4e8dffcd31e5a6cdda417ce
7d8f1de8b7de7bc21dfb546a1d0c51bf31f16eee5fad49dbceae1e76da38e5c3
GET /v1/tiles HTTP/1.1
Host: contile.services.mozilla.com
User-Agent: Mozilla/5.0 (X11; Linux x86_64; rv:96.0) Gecko/20100101 Firefox/96.0
Accept: */*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
Connection: keep-alive
Sec-Fetch-Dest: empty
Sec-Fetch-Mode: cors
Sec-Fetch-Site: cross-site
HTTP/2 200 OK
server: nginx
date: Tue, 27 Sep 2022 12:56:30 GMT
content-type: application/json
content-length: 12
strict-transport-security: max-age=31536000
via: 1.1 google
alt-svc: clear
X-Firefox-Spdy: h2
firefox.settings.services.mozilla.com/v1/buckets/main/collections/ms-language-packs/records/cfr-v1-en-US
200 OK 329 B URL HTTP/1.1 firefox.settings.services.mozilla.com/v1/buckets/main/collections/ms-language-packs/records/cfr-v1-en-US
IP
File type JSON data\012- , ASCII text, with very long lines (329), with no line terminators
Hash 0333b0655111aa68de771adfcc4db243
63f295a144ac87a7c8e23417626724eeca68a7eb
60636eb1dc67c9ed000fe0b49f03777ad6f549cb1d2b9ff010cf198465ae6300
GET /v1/buckets/main/collections/ms-language-packs/records/cfr-v1-en-US HTTP/1.1
Host: firefox.settings.services.mozilla.com
User-Agent: Mozilla/5.0 (X11; Linux x86_64; rv:96.0) Gecko/20100101 Firefox/96.0
Accept: application/json
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
Content-Type: application/json
Connection: keep-alive
Sec-Fetch-Dest: empty
Sec-Fetch-Mode: cors
Sec-Fetch-Site: cross-site
HTTP/1.1 200 OK
Content-Type: application/json
Content-Length: 329
Connection: keep-alive
Access-Control-Allow-Origin: *
Access-Control-Expose-Headers: ETag, Expires, Content-Length, Cache-Control, Pragma, Content-Type, Alert, Backoff, Last-Modified, Retry-After
Content-Security-Policy: default-src 'none'; frame-ancestors 'none'; base-uri 'none';
Last-Modified: Fri, 25 Mar 2022 17:45:46 GMT
Strict-Transport-Security: max-age=31536000
X-Content-Type-Options: nosniff
Cache-Control: max-age=3600, max-age=3600
Date: Tue, 27 Sep 2022 12:10:46 GMT
Expires: Tue, 27 Sep 2022 12:40:44 GMT
ETag: "1648230346554"
X-Cache: Hit from cloudfront
Via: 1.1 9dd61138197a68f8d69f12574aab6930.cloudfront.net (CloudFront)
X-Amz-Cf-Pop: OSL50-C1
X-Amz-Cf-Id: BOnyoxlUV3KNksP59YdO7DbQSxzyeWvML14LXMFD1jXLpvgmLTxoTQ==
Age: 2744
ocsp.pki.goog/gts1c3
200 OK 471 B IP
Hash c7ea09de6e63af53ed131169fd56eb1d
439eefa30aa1e3a5ee21b1981deb39328289c98d
938e772fbea16de4c0976358ff8b7b607dcdb21a3af63220beaa66cc77d89c71
POST /gts1c3 HTTP/1.1
Host: ocsp.pki.goog
User-Agent: Mozilla/5.0 (X11; Linux x86_64; rv:96.0) Gecko/20100101 Firefox/96.0
Accept: */*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate
Content-Type: application/ocsp-request
Content-Length: 83
Connection: keep-alive
Pragma: no-cache
Cache-Control: no-cache
HTTP/1.1 200 OK
Content-Type: application/ocsp-response
Date: Tue, 27 Sep 2022 12:56:31 GMT
Cache-Control: public, max-age=14400
Server: ocsp_responder
Content-Length: 471
X-XSS-Protection: 0
X-Frame-Options: SAMEORIGIN
ocsp.digicert.com/
200 OK 471 B IP
Hash c18823050f86339eaa73ddb1bf80d64c
ac4ee81f59f706cee8a74458d498bbc20d8d351a
9a505647517bd02d8ff994fd4ad98dc2f4b519916145b0c327691420c1084c46
POST / HTTP/1.1
Host: ocsp.digicert.com
User-Agent: Mozilla/5.0 (X11; Linux x86_64; rv:96.0) Gecko/20100101 Firefox/96.0
Accept: */*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate
Content-Type: application/ocsp-request
Content-Length: 83
Connection: keep-alive
Pragma: no-cache
Cache-Control: no-cache
HTTP/1.1 200 OK
Accept-Ranges: bytes
Age: 5933
Cache-Control: 'max-age=158059'
Content-Type: application/ocsp-response
Date: Tue, 27 Sep 2022 12:56:31 GMT
Last-Modified: Tue, 27 Sep 2022 11:17:38 GMT
Server: ECS (ska/F71B)
X-Cache: HIT
Content-Length: 471
sampsonfornor.blogspot.com/2022/05/what-is-controlled-by-side-dial-on.html
200 OK 66 kB URL HTTP/2 sampsonfornor.blogspot.com/2022/05/what-is-controlled-by-side-dial-on.html
IP
File type HTML document text\012- HTML document text\012- HTML document text\012- HTML document text\012- HTML document text\012- exported SGML document text\012- exported SGML document, ASCII text, with very long lines (7031)
Hash 900d9e7d4b6f08897df29c74f969c38a
41dcb9338759452958eb98d80475afd3478a1edb
55004c0ecb4f2183e45e24b2911da0f934a7365b95959592fe72b37462fa2f19
GET /2022/05/what-is-controlled-by-side-dial-on.html HTTP/1.1
Host: sampsonfornor.blogspot.com
User-Agent: Mozilla/5.0 (X11; Linux x86_64; rv:96.0) Gecko/20100101 Firefox/96.0
Accept: text/html,application/xhtml+xml,application/xml;q=0.9,image/avif,image/webp,*/*;q=0.8
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
Connection: keep-alive
Upgrade-Insecure-Requests: 1
Sec-Fetch-Dest: document
Sec-Fetch-Mode: navigate
Sec-Fetch-Site: none
Sec-Fetch-User: ?1
HTTP/2 200 OK
content-type: text/html; charset=UTF-8
expires: Tue, 27 Sep 2022 12:56:30 GMT
date: Tue, 27 Sep 2022 12:56:30 GMT
cache-control: private, max-age=0
last-modified: Sat, 13 Aug 2022 10:03:42 GMT
etag: W/"c70bb4fb7bb9e8de6a0a40f09f7d4daee97a51e5d189c720aaf287abd19efb97"
content-encoding: gzip
x-content-type-options: nosniff
x-xss-protection: 1; mode=block
content-length: 66508
server: GSE
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
X-Firefox-Spdy: h2
ocsp.pki.goog/gts1c3
200 OK 471 B IP
Hash b6908b750175e1c2e2af86c77945ed11
ea6bc6f581500a0974977bbef6bd3432c181bc0f
1dde4f6f372d8e056a96129e101a31d04a0f97448c66df7175251060c6a8d0cd
POST /gts1c3 HTTP/1.1
Host: ocsp.pki.goog
User-Agent: Mozilla/5.0 (X11; Linux x86_64; rv:96.0) Gecko/20100101 Firefox/96.0
Accept: */*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate
Content-Type: application/ocsp-request
Content-Length: 83
Connection: keep-alive
Pragma: no-cache
Cache-Control: no-cache
HTTP/1.1 200 OK
Content-Type: application/ocsp-response
Date: Tue, 27 Sep 2022 12:56:31 GMT
Cache-Control: public, max-age=14400
Server: ocsp_responder
Content-Length: 471
X-XSS-Protection: 0
X-Frame-Options: SAMEORIGIN
ocsp.pki.goog/gts1c3
200 OK 471 B IP
Hash b6908b750175e1c2e2af86c77945ed11
ea6bc6f581500a0974977bbef6bd3432c181bc0f
1dde4f6f372d8e056a96129e101a31d04a0f97448c66df7175251060c6a8d0cd
POST /gts1c3 HTTP/1.1
Host: ocsp.pki.goog
User-Agent: Mozilla/5.0 (X11; Linux x86_64; rv:96.0) Gecko/20100101 Firefox/96.0
Accept: */*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate
Content-Type: application/ocsp-request
Content-Length: 83
Connection: keep-alive
Pragma: no-cache
Cache-Control: no-cache
HTTP/1.1 200 OK
Content-Type: application/ocsp-response
Date: Tue, 27 Sep 2022 12:56:31 GMT
Cache-Control: public, max-age=14400
Server: ocsp_responder
Content-Length: 471
X-XSS-Protection: 0
X-Frame-Options: SAMEORIGIN
ocsp.pki.goog/gts1c3
200 OK 471 B IP
Hash b6908b750175e1c2e2af86c77945ed11
ea6bc6f581500a0974977bbef6bd3432c181bc0f
1dde4f6f372d8e056a96129e101a31d04a0f97448c66df7175251060c6a8d0cd
POST /gts1c3 HTTP/1.1
Host: ocsp.pki.goog
User-Agent: Mozilla/5.0 (X11; Linux x86_64; rv:96.0) Gecko/20100101 Firefox/96.0
Accept: */*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate
Content-Type: application/ocsp-request
Content-Length: 83
Connection: keep-alive
Pragma: no-cache
Cache-Control: no-cache
HTTP/1.1 200 OK
Content-Type: application/ocsp-response
Date: Tue, 27 Sep 2022 12:56:31 GMT
Cache-Control: public, max-age=14400
Server: ocsp_responder
Content-Length: 471
X-XSS-Protection: 0
X-Frame-Options: SAMEORIGIN
ocsp.pki.goog/gts1c3
200 OK 471 B IP
Hash b6908b750175e1c2e2af86c77945ed11
ea6bc6f581500a0974977bbef6bd3432c181bc0f
1dde4f6f372d8e056a96129e101a31d04a0f97448c66df7175251060c6a8d0cd
POST /gts1c3 HTTP/1.1
Host: ocsp.pki.goog
User-Agent: Mozilla/5.0 (X11; Linux x86_64; rv:96.0) Gecko/20100101 Firefox/96.0
Accept: */*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate
Content-Type: application/ocsp-request
Content-Length: 83
Connection: keep-alive
Pragma: no-cache
Cache-Control: no-cache
HTTP/1.1 200 OK
Content-Type: application/ocsp-response
Date: Tue, 27 Sep 2022 12:56:31 GMT
Cache-Control: public, max-age=14400
Server: ocsp_responder
Content-Length: 471
X-XSS-Protection: 0
X-Frame-Options: SAMEORIGIN
ocsp.pki.goog/gts1c3
200 OK 471 B IP
Hash 39f4c6b878fc92202be480070361362c
5963f72aea1957734b22dfb4019291dc2db459a3
a5954460fca600556f47d2ef8b59206644e00fae1acef9faaff3156d417642a4
POST /gts1c3 HTTP/1.1
Host: ocsp.pki.goog
User-Agent: Mozilla/5.0 (X11; Linux x86_64; rv:96.0) Gecko/20100101 Firefox/96.0
Accept: */*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate
Content-Type: application/ocsp-request
Content-Length: 83
Connection: keep-alive
Pragma: no-cache
Cache-Control: no-cache
HTTP/1.1 200 OK
Content-Type: application/ocsp-response
Date: Tue, 27 Sep 2022 12:56:31 GMT
Cache-Control: public, max-age=14400
Server: ocsp_responder
Content-Length: 471
X-XSS-Protection: 0
X-Frame-Options: SAMEORIGIN
apis.google.com/js/platform.js
200 OK 20 kB URL HTTP/2 apis.google.com/js/platform.js
IP
File type ASCII text, with very long lines (1277)
Hash b5a31516be83fe4f962609045d824f88
939a49a9858bf23561279f9ca2d1941d3256c66f
edb661aa461800e97e3847608a8b2d81cfe345f69a6f84abaa001d8a60500328
GET /js/platform.js HTTP/1.1
Host: apis.google.com
User-Agent: Mozilla/5.0 (X11; Linux x86_64; rv:96.0) Gecko/20100101 Firefox/96.0
Accept: */*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
Connection: keep-alive
Referer: https://sampsonfornor.blogspot.com/
Sec-Fetch-Dest: script
Sec-Fetch-Mode: no-cors
Sec-Fetch-Site: cross-site
HTTP/2 200 OK
accept-ranges: bytes
vary: Accept-Encoding
content-encoding: gzip
content-type: text/javascript
access-control-allow-origin: *
content-security-policy: require-trusted-types-for 'script'; report-uri https://csp.withgoogle.com/csp/gapi-team
cross-origin-resource-policy: cross-origin
cross-origin-opener-policy: same-origin; report-to="gapi-team"
report-to: {"group":"gapi-team","max_age":2592000,"endpoints":[{"url":"https://csp.withgoogle.com/csp/report-to/gapi-team"}]}
timing-allow-origin: *
content-length: 20361
date: Tue, 27 Sep 2022 12:56:31 GMT
expires: Tue, 27 Sep 2022 12:56:31 GMT
cache-control: private, max-age=1800, stale-while-revalidate=1800
etag: "40c22a9ccbd70870"
x-content-type-options: nosniff
server: sffe
x-xss-protection: 0
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
X-Firefox-Spdy: h2
ocsp.pki.goog/gts1c3
200 OK 472 B IP
Hash 6a6133e354a7138d14e713ab4cd4d0e7
d86dc2d8002443648774db9fbc709a5cff7bb716
a19ed99c04a15360ef292e662bd3334732993732317a38c36e6f7041734d9097
POST /gts1c3 HTTP/1.1
Host: ocsp.pki.goog
User-Agent: Mozilla/5.0 (X11; Linux x86_64; rv:96.0) Gecko/20100101 Firefox/96.0
Accept: */*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate
Content-Type: application/ocsp-request
Content-Length: 84
Connection: keep-alive
Pragma: no-cache
Cache-Control: no-cache
HTTP/1.1 200 OK
Content-Type: application/ocsp-response
Date: Tue, 27 Sep 2022 12:56:31 GMT
Cache-Control: public, max-age=14400
Server: ocsp_responder
Content-Length: 472
X-XSS-Protection: 0
X-Frame-Options: SAMEORIGIN
ocsp.pki.goog/gts1c3
200 OK 472 B IP
Hash 6a6133e354a7138d14e713ab4cd4d0e7
d86dc2d8002443648774db9fbc709a5cff7bb716
a19ed99c04a15360ef292e662bd3334732993732317a38c36e6f7041734d9097
POST /gts1c3 HTTP/1.1
Host: ocsp.pki.goog
User-Agent: Mozilla/5.0 (X11; Linux x86_64; rv:96.0) Gecko/20100101 Firefox/96.0
Accept: */*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate
Content-Type: application/ocsp-request
Content-Length: 84
Connection: keep-alive
Pragma: no-cache
Cache-Control: no-cache
HTTP/1.1 200 OK
Content-Type: application/ocsp-response
Date: Tue, 27 Sep 2022 12:56:31 GMT
Cache-Control: public, max-age=14400
Server: ocsp_responder
Content-Length: 472
X-XSS-Protection: 0
X-Frame-Options: SAMEORIGIN
www.blogger.com/static/v1/jsbin/3262169375-comment_from_post_iframe.js
200 OK 6.5 kB URL HTTP/2 www.blogger.com/static/v1/jsbin/3262169375-comment_from_post_iframe.js
IP
File type ASCII text, with very long lines (1264)
Hash 30af015884191ce4fe52ce1e707baed9
faa1418efa036704d31eb90f4fbd82de456b81b7
0456cf81299c957c8e54dabb00b4d6d96b76be729b1e112d478b34ba56d8059d
GET /static/v1/jsbin/3262169375-comment_from_post_iframe.js HTTP/1.1
Host: www.blogger.com
User-Agent: Mozilla/5.0 (X11; Linux x86_64; rv:96.0) Gecko/20100101 Firefox/96.0
Accept: */*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
Connection: keep-alive
Referer: https://sampsonfornor.blogspot.com/
Sec-Fetch-Dest: script
Sec-Fetch-Mode: no-cors
Sec-Fetch-Site: cross-site
HTTP/2 200 OK
accept-ranges: bytes
vary: Accept-Encoding
content-encoding: gzip
cross-origin-resource-policy: cross-origin
cross-origin-opener-policy-report-only: same-origin; report-to="blogger-tech"
report-to: {"group":"blogger-tech","max_age":2592000,"endpoints":[{"url":"https://csp.withgoogle.com/csp/report-to/blogger-tech"}]}
content-length: 6499
x-content-type-options: nosniff
server: sffe
x-xss-protection: 0
date: Sun, 25 Sep 2022 09:56:02 GMT
expires: Mon, 25 Sep 2023 09:56:02 GMT
cache-control: public, max-age=31536000
last-modified: Sat, 24 Sep 2022 17:50:40 GMT
content-type: text/javascript
age: 183629
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
X-Firefox-Spdy: h2
ocsp.pki.goog/gts1c3
200 OK 472 B IP
Hash 6a6133e354a7138d14e713ab4cd4d0e7
d86dc2d8002443648774db9fbc709a5cff7bb716
a19ed99c04a15360ef292e662bd3334732993732317a38c36e6f7041734d9097
POST /gts1c3 HTTP/1.1
Host: ocsp.pki.goog
User-Agent: Mozilla/5.0 (X11; Linux x86_64; rv:96.0) Gecko/20100101 Firefox/96.0
Accept: */*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate
Content-Type: application/ocsp-request
Content-Length: 84
Connection: keep-alive
Pragma: no-cache
Cache-Control: no-cache
HTTP/1.1 200 OK
Content-Type: application/ocsp-response
Date: Tue, 27 Sep 2022 12:56:31 GMT
Cache-Control: public, max-age=14400
Server: ocsp_responder
Content-Length: 472
X-XSS-Protection: 0
X-Frame-Options: SAMEORIGIN
apis.google.com/_/scs/abc-static/_/js/k=gapi.lb.en.z9QjrzsHcOc.O/m=gapi_iframes,gapi_iframes_style_bubble/rt=j/sv=1/d=1/ed=1/rs=AHpOoo8359JQqZQ0dzCVJ5Ui3CZcERHEWA/cb=gapi.loaded_0?le=scs
200 OK 58 kB URL HTTP/2 apis.google.com/_/scs/abc-static/_/js/k=gapi.lb.en.z9QjrzsHcOc.O/m=gapi_iframes,gapi_iframes_style_bubble/rt=j/sv=1/d=1/ed=1/rs=AHpOoo8359JQqZQ0dzCVJ5Ui3CZcERHEWA/cb=gapi.loaded_0?le=scs
IP
File type ASCII text, with very long lines (580)
Hash d70fcc84d705c565b31a5835c0938d5b
d28e5dc9fcc6239d67986df3205468072023d2d7
1d558c94793446aa6a7832dde0c39ed7d9c77fd963ffb738c460e4f7369a7f4e
GET /_/scs/abc-static/_/js/k=gapi.lb.en.z9QjrzsHcOc.O/m=gapi_iframes,gapi_iframes_style_bubble/rt=j/sv=1/d=1/ed=1/rs=AHpOoo8359JQqZQ0dzCVJ5Ui3CZcERHEWA/cb=gapi.loaded_0?le=scs HTTP/1.1
Host: apis.google.com
User-Agent: Mozilla/5.0 (X11; Linux x86_64; rv:96.0) Gecko/20100101 Firefox/96.0
Accept: */*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
Connection: keep-alive
Referer: https://sampsonfornor.blogspot.com/
Sec-Fetch-Dest: script
Sec-Fetch-Mode: no-cors
Sec-Fetch-Site: cross-site
TE: trailers
HTTP/2 200 OK
accept-ranges: bytes
vary: Accept-Encoding
content-encoding: gzip
content-security-policy-report-only: require-trusted-types-for 'script'; report-uri https://csp.withgoogle.com/csp/social-frontend-mpm-access
cross-origin-resource-policy: cross-origin
cross-origin-opener-policy: same-origin; report-to="social-frontend-mpm-access"
report-to: {"group":"social-frontend-mpm-access","max_age":2592000,"endpoints":[{"url":"https://csp.withgoogle.com/csp/report-to/social-frontend-mpm-access"}]}
content-length: 57995
x-content-type-options: nosniff
server: sffe
x-xss-protection: 0
date: Sun, 25 Sep 2022 07:25:39 GMT
expires: Mon, 25 Sep 2023 07:25:39 GMT
cache-control: public, max-age=31536000
age: 192652
last-modified: Sat, 30 Jul 2022 15:17:53 GMT
content-type: text/javascript; charset=UTF-8
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
X-Firefox-Spdy: h2
ocsp.pki.goog/gts1c3
200 OK 472 B IP
Hash 4538701cf9bc34d908f50370beb922f4
df141b9c3ec626ecaba7c1899073a48b811c4113
61497b93eb237687a8fff5845a7a81aff2f2f53dc56f2d0818bfb98dd1256d6f
POST /gts1c3 HTTP/1.1
Host: ocsp.pki.goog
User-Agent: Mozilla/5.0 (X11; Linux x86_64; rv:96.0) Gecko/20100101 Firefox/96.0
Accept: */*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate
Content-Type: application/ocsp-request
Content-Length: 84
Connection: keep-alive
Pragma: no-cache
Cache-Control: no-cache
HTTP/1.1 200 OK
Content-Type: application/ocsp-response
Date: Tue, 27 Sep 2022 12:56:31 GMT
Cache-Control: public, max-age=14400
Server: ocsp_responder
Content-Length: 472
X-XSS-Protection: 0
X-Frame-Options: SAMEORIGIN
www.blogger.com/static/v1/widgets/4150139458-widgets.js
200 OK 57 kB URL HTTP/2 www.blogger.com/static/v1/widgets/4150139458-widgets.js
IP
File type ASCII text, with very long lines (2221)
Hash b318be2224a9b91139a7a4b41f2e4b6e
4bcae447ce5bb3cb36a74745bcca9b72ba419c9f
bc5c92978c40e36f3da25045761d139de3a8a333c5290ccd233273af73bd7f4b
GET /static/v1/widgets/4150139458-widgets.js HTTP/1.1
Host: www.blogger.com
User-Agent: Mozilla/5.0 (X11; Linux x86_64; rv:96.0) Gecko/20100101 Firefox/96.0
Accept: */*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
Connection: keep-alive
Referer: https://sampsonfornor.blogspot.com/
Sec-Fetch-Dest: script
Sec-Fetch-Mode: no-cors
Sec-Fetch-Site: cross-site
HTTP/2 200 OK
accept-ranges: bytes
vary: Accept-Encoding
content-encoding: gzip
cross-origin-resource-policy: cross-origin
cross-origin-opener-policy-report-only: same-origin; report-to="blogger-tech"
report-to: {"group":"blogger-tech","max_age":2592000,"endpoints":[{"url":"https://csp.withgoogle.com/csp/report-to/blogger-tech"}]}
content-length: 56826
x-content-type-options: nosniff
server: sffe
x-xss-protection: 0
date: Sun, 25 Sep 2022 15:56:30 GMT
expires: Mon, 25 Sep 2023 15:56:30 GMT
cache-control: public, max-age=31536000
last-modified: Sun, 25 Sep 2022 08:50:22 GMT
content-type: text/javascript
age: 162001
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
X-Firefox-Spdy: h2
ocsp.pki.goog/gts1c3
200 OK 472 B IP
Hash 6a6133e354a7138d14e713ab4cd4d0e7
d86dc2d8002443648774db9fbc709a5cff7bb716
a19ed99c04a15360ef292e662bd3334732993732317a38c36e6f7041734d9097
POST /gts1c3 HTTP/1.1
Host: ocsp.pki.goog
User-Agent: Mozilla/5.0 (X11; Linux x86_64; rv:96.0) Gecko/20100101 Firefox/96.0
Accept: */*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate
Content-Type: application/ocsp-request
Content-Length: 84
Connection: keep-alive
Pragma: no-cache
Cache-Control: no-cache
HTTP/1.1 200 OK
Content-Type: application/ocsp-response
Date: Tue, 27 Sep 2022 12:56:31 GMT
Cache-Control: public, max-age=14400
Server: ocsp_responder
Content-Length: 472
X-XSS-Protection: 0
X-Frame-Options: SAMEORIGIN
ocsp.pki.goog/gts1c3
200 OK 472 B IP
Hash 002d49bafbcc428a44fe523322ad9e05
b39aad0d1e941121f28af8f9b6d76f19216800d5
59a10c7762be219b689cd518aea4d034aa725c6a632b7f866989dcf984b5e007
POST /gts1c3 HTTP/1.1
Host: ocsp.pki.goog
User-Agent: Mozilla/5.0 (X11; Linux x86_64; rv:96.0) Gecko/20100101 Firefox/96.0
Accept: */*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate
Content-Type: application/ocsp-request
Content-Length: 84
Connection: keep-alive
Pragma: no-cache
Cache-Control: no-cache
HTTP/1.1 200 OK
Content-Type: application/ocsp-response
Date: Tue, 27 Sep 2022 12:56:31 GMT
Cache-Control: public, max-age=14400
Server: ocsp_responder
Content-Length: 472
X-XSS-Protection: 0
X-Frame-Options: SAMEORIGIN
pagead2.googlesyndication.com/pagead/js/google_top_exp.js
200 OK 67 B URL HTTP/2 pagead2.googlesyndication.com/pagead/js/google_top_exp.js
IP
Hash 9bbc3ca32ec951a484589ce0e6b4db73
753d6f6183b33b2dee5dde2208fca91c17f5bb13
b8f16a16d2a7ea39a9cc079fdbe3af7d31393d62a853668bdd549e0a0311cb3c
GET /pagead/js/google_top_exp.js HTTP/1.1
Host: pagead2.googlesyndication.com
User-Agent: Mozilla/5.0 (X11; Linux x86_64; rv:96.0) Gecko/20100101 Firefox/96.0
Accept: */*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
Connection: keep-alive
Referer: https://sampsonfornor.blogspot.com/
Sec-Fetch-Dest: script
Sec-Fetch-Mode: no-cors
Sec-Fetch-Site: cross-site
HTTP/2 200 OK
p3p: policyref="https://www.googleadservices.com/pagead/p3p.xml", CP="NOI DEV PSA PSD IVA IVD OTP OUR OTR IND OTC"
timing-allow-origin: *
cross-origin-resource-policy: cross-origin
vary: Accept-Encoding
x-content-type-options: nosniff
content-disposition: attachment; filename="f.txt"
content-encoding: gzip
server: cafe
content-length: 67
x-xss-protection: 0
date: Mon, 26 Sep 2022 20:42:54 GMT
expires: Mon, 10 Oct 2022 20:42:54 GMT
cache-control: public, max-age=1209600
age: 58417
etag: 13036835877489095579
content-type: text/javascript; charset=UTF-8
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
X-Firefox-Spdy: h2
push.services.mozilla.com/
101 Switching Protocols 0 B URL HTTP/1.1 push.services.mozilla.com/
IP
Hash d41d8cd98f00b204e9800998ecf8427e
da39a3ee5e6b4b0d3255bfef95601890afd80709
e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855
GET / HTTP/1.1
Host: push.services.mozilla.com
User-Agent: Mozilla/5.0 (X11; Linux x86_64; rv:96.0) Gecko/20100101 Firefox/96.0
Accept: */*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
Sec-WebSocket-Version: 13
Origin: wss://push.services.mozilla.com/
Sec-WebSocket-Protocol: push-notification
Sec-WebSocket-Extensions: permessage-deflate
Sec-WebSocket-Key: D0Bbyc7Yr/MahpjRb71xOQ==
Connection: keep-alive, Upgrade
Sec-Fetch-Dest: websocket
Sec-Fetch-Mode: websocket
Sec-Fetch-Site: cross-site
Pragma: no-cache
Cache-Control: no-cache
Upgrade: websocket
HTTP/1.1 101 Switching Protocols
Connection: Upgrade
Upgrade: websocket
Sec-WebSocket-Accept: 9tQKepHcvkQLcMqClTvClX1wcnM=
ocsp.pki.goog/gts1c3
200 OK 472 B IP
Hash 002d49bafbcc428a44fe523322ad9e05
b39aad0d1e941121f28af8f9b6d76f19216800d5
59a10c7762be219b689cd518aea4d034aa725c6a632b7f866989dcf984b5e007
POST /gts1c3 HTTP/1.1
Host: ocsp.pki.goog
User-Agent: Mozilla/5.0 (X11; Linux x86_64; rv:96.0) Gecko/20100101 Firefox/96.0
Accept: */*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate
Content-Type: application/ocsp-request
Content-Length: 84
Connection: keep-alive
Pragma: no-cache
Cache-Control: no-cache
HTTP/1.1 200 OK
Content-Type: application/ocsp-response
Date: Tue, 27 Sep 2022 12:56:31 GMT
Cache-Control: public, max-age=14400
Server: ocsp_responder
Content-Length: 472
X-XSS-Protection: 0
X-Frame-Options: SAMEORIGIN
ocsp.pki.goog/gts1c3
200 OK 472 B IP
Hash 737756d717fd215d94458a21028ae486
ee3c3097bcb2ff3f5482b0dc6056b1549afa8f1f
8e705bae2060960e1b2f79c42ebc445d52f307aeac41b34d3a1789879e51b85a
POST /gts1c3 HTTP/1.1
Host: ocsp.pki.goog
User-Agent: Mozilla/5.0 (X11; Linux x86_64; rv:96.0) Gecko/20100101 Firefox/96.0
Accept: */*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate
Content-Type: application/ocsp-request
Content-Length: 84
Connection: keep-alive
Pragma: no-cache
Cache-Control: no-cache
HTTP/1.1 200 OK
Content-Type: application/ocsp-response
Date: Tue, 27 Sep 2022 12:56:31 GMT
Cache-Control: public, max-age=14400
Server: ocsp_responder
Content-Length: 472
X-XSS-Protection: 0
X-Frame-Options: SAMEORIGIN
fonts.gstatic.com/s/poppins/v6/pxiByp8kv8JHgFVrLCz7Z1xlFQ.woff2
200 OK 7.9 kB URL HTTP/2 fonts.gstatic.com/s/poppins/v6/pxiByp8kv8JHgFVrLCz7Z1xlFQ.woff2
IP
File type Web Open Font Format (Version 2), TrueType, length 7924, version 1.0\012- data
Hash e535f7856b24153e0f3146e8f90a45c5
e5da5f96d38b08cc6ed2973735b5a9b9af066458
56a522e79770e488da6015ed10f8c2bdafbcd87a7c6d443f7a293579bd0ef58d
GET /s/poppins/v6/pxiByp8kv8JHgFVrLCz7Z1xlFQ.woff2 HTTP/1.1
Host: fonts.gstatic.com
User-Agent: Mozilla/5.0 (X11; Linux x86_64; rv:96.0) Gecko/20100101 Firefox/96.0
Accept: application/font-woff2;q=1.0,application/font-woff;q=0.9,*/*;q=0.8
Accept-Language: en-US,en;q=0.5
Accept-Encoding: identity
Origin: https://sampsonfornor.blogspot.com
Connection: keep-alive
Referer: https://sampsonfornor.blogspot.com/
Sec-Fetch-Dest: font
Sec-Fetch-Mode: cors
Sec-Fetch-Site: cross-site
HTTP/2 200 OK
accept-ranges: bytes
access-control-allow-origin: *
content-security-policy-report-only: require-trusted-types-for 'script'; report-uri https://csp.withgoogle.com/csp/apps-themes
cross-origin-resource-policy: cross-origin
cross-origin-opener-policy-report-only: same-origin; report-to="apps-themes"
report-to: {"group":"apps-themes","max_age":2592000,"endpoints":[{"url":"https://csp.withgoogle.com/csp/report-to/apps-themes"}]}
timing-allow-origin: *
content-length: 7924
x-content-type-options: nosniff
server: sffe
x-xss-protection: 0
date: Mon, 26 Sep 2022 00:43:18 GMT
expires: Tue, 26 Sep 2023 00:43:18 GMT
cache-control: public, max-age=31536000
age: 130393
last-modified: Tue, 19 Feb 2019 22:26:39 GMT
content-type: font/woff2
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
X-Firefox-Spdy: h2
ocsp.pki.goog/gts1c3
200 OK 472 B IP
Hash 737756d717fd215d94458a21028ae486
ee3c3097bcb2ff3f5482b0dc6056b1549afa8f1f
8e705bae2060960e1b2f79c42ebc445d52f307aeac41b34d3a1789879e51b85a
POST /gts1c3 HTTP/1.1
Host: ocsp.pki.goog
User-Agent: Mozilla/5.0 (X11; Linux x86_64; rv:96.0) Gecko/20100101 Firefox/96.0
Accept: */*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate
Content-Type: application/ocsp-request
Content-Length: 84
Connection: keep-alive
Pragma: no-cache
Cache-Control: no-cache
HTTP/1.1 200 OK
Content-Type: application/ocsp-response
Date: Tue, 27 Sep 2022 12:56:31 GMT
Cache-Control: public, max-age=14400
Server: ocsp_responder
Content-Length: 472
X-XSS-Protection: 0
X-Frame-Options: SAMEORIGIN
r3.o.lencr.org/
200 OK 503 B IP
ASN #20940 Akamai International B.V.
Hash 5022da2971a2be66d56d005b4c60b5f3
64bce48deddbbe8d831f70702357c30afe5c2845
119407abe2965a081c5ecb122673c7660c3a63cb074ccd5026a0a85498553c6c
POST / HTTP/1.1
Host: r3.o.lencr.org
User-Agent: Mozilla/5.0 (X11; Linux x86_64; rv:96.0) Gecko/20100101 Firefox/96.0
Accept: */*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate
Content-Type: application/ocsp-request
Content-Length: 85
Connection: keep-alive
Pragma: no-cache
Cache-Control: no-cache
HTTP/1.1 200 OK
Server: nginx
Content-Type: application/ocsp-response
Content-Length: 503
ETag: "119407ABE2965A081C5ECB122673C7660C3A63CB074CCD5026A0A85498553C6C"
Last-Modified: Mon, 26 Sep 2022 19:00:00 UTC
Cache-Control: public, no-transform, must-revalidate, max-age=15794
Expires: Tue, 27 Sep 2022 17:19:45 GMT
Date: Tue, 27 Sep 2022 12:56:31 GMT
Connection: keep-alive
blogger.googleusercontent.com/img/a/AVvXsEgAE-HQ2XeesvG0TUaxxtXc5jAM7qlHGjHmEapcoi4Dvo09vEzSjLjjuRcSk8MqwWu105hOkNUQ3ETOO0nofaQmwAX1pJltzJbPqkviKii7YKDkeHQ239Aalu6oQ10l6tWaBs8fv4HxLJX6nGi1JgY-jaKxIuvR9ziNS99TjomKGfU_t1SdIXDbenVg=w320-h116
200 OK 16 kB URL HTTP/2 blogger.googleusercontent.com/img/a/AVvXsEgAE-HQ2XeesvG0TUaxxtXc5jAM7qlHGjHmEapcoi4Dvo09vEzSjLjjuRcSk8MqwWu105hOkNUQ3ETOO0nofaQmwAX1pJltzJbPqkviKii7YKDkeHQ239Aalu6oQ10l6tWaBs8fv4HxLJX6nGi1JgY-jaKxIuvR9ziNS99TjomKGfU_t1SdIXDbenVg=w320-h116
IP
File type PNG image data, 320 x 116, 8-bit/color RGB, non-interlaced\012- data
Hash 0c3f59d13d4bd6b66a16c7ae0baddf86
726382a949b9e98b3f50623001e96148f9838f47
8fab1650fec1aa097f4b599e449d1a6550332085a37424ef6058814d4f3c3320
GET /img/a/AVvXsEgAE-HQ2XeesvG0TUaxxtXc5jAM7qlHGjHmEapcoi4Dvo09vEzSjLjjuRcSk8MqwWu105hOkNUQ3ETOO0nofaQmwAX1pJltzJbPqkviKii7YKDkeHQ239Aalu6oQ10l6tWaBs8fv4HxLJX6nGi1JgY-jaKxIuvR9ziNS99TjomKGfU_t1SdIXDbenVg=w320-h116 HTTP/1.1
Host: blogger.googleusercontent.com
User-Agent: Mozilla/5.0 (X11; Linux x86_64; rv:96.0) Gecko/20100101 Firefox/96.0
Accept: image/avif,image/webp,*/*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
Connection: keep-alive
Referer: https://sampsonfornor.blogspot.com/
Sec-Fetch-Dest: image
Sec-Fetch-Mode: no-cors
Sec-Fetch-Site: cross-site
HTTP/2 200 OK
access-control-expose-headers: Content-Length
etag: "v4"
expires: Wed, 28 Sep 2022 12:56:31 GMT
cache-control: public, max-age=86400, no-transform
content-disposition: inline;filename="shop.png"
content-type: image/png
vary: Origin
x-content-type-options: nosniff
date: Tue, 27 Sep 2022 12:56:31 GMT
server: fife
content-length: 16361
x-xss-protection: 0
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
X-Firefox-Spdy: h2
r3.o.lencr.org/
200 OK 503 B IP
ASN #20940 Akamai International B.V.
Hash 5022da2971a2be66d56d005b4c60b5f3
64bce48deddbbe8d831f70702357c30afe5c2845
119407abe2965a081c5ecb122673c7660c3a63cb074ccd5026a0a85498553c6c
POST / HTTP/1.1
Host: r3.o.lencr.org
User-Agent: Mozilla/5.0 (X11; Linux x86_64; rv:96.0) Gecko/20100101 Firefox/96.0
Accept: */*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate
Content-Type: application/ocsp-request
Content-Length: 85
Connection: keep-alive
Pragma: no-cache
Cache-Control: no-cache
HTTP/1.1 200 OK
Server: nginx
Content-Type: application/ocsp-response
Content-Length: 503
ETag: "119407ABE2965A081C5ECB122673C7660C3A63CB074CCD5026A0A85498553C6C"
Last-Modified: Mon, 26 Sep 2022 19:00:00 UTC
Cache-Control: public, no-transform, must-revalidate, max-age=15624
Expires: Tue, 27 Sep 2022 17:16:55 GMT
Date: Tue, 27 Sep 2022 12:56:31 GMT
Connection: keep-alive
ocsp.pki.goog/gts1c3
200 OK 471 B IP
Hash b6908b750175e1c2e2af86c77945ed11
ea6bc6f581500a0974977bbef6bd3432c181bc0f
1dde4f6f372d8e056a96129e101a31d04a0f97448c66df7175251060c6a8d0cd
POST /gts1c3 HTTP/1.1
Host: ocsp.pki.goog
User-Agent: Mozilla/5.0 (X11; Linux x86_64; rv:96.0) Gecko/20100101 Firefox/96.0
Accept: */*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate
Content-Type: application/ocsp-request
Content-Length: 83
Connection: keep-alive
Pragma: no-cache
Cache-Control: no-cache
HTTP/1.1 200 OK
Content-Type: application/ocsp-response
Date: Tue, 27 Sep 2022 12:56:31 GMT
Cache-Control: public, max-age=14400
Server: ocsp_responder
Content-Length: 471
X-XSS-Protection: 0
X-Frame-Options: SAMEORIGIN
www.blogger.com/dyn-css/authorization.css?targetBlogID=7253118958113904302&zx=fa66f719-de44-46dd-9d68-0a79b4621351
200 OK 21 B URL HTTP/2 www.blogger.com/dyn-css/authorization.css?targetBlogID=7253118958113904302&zx=fa66f719-de44-46dd-9d68-0a79b4621351
IP
File type very short file (no magic)
Hash a62e4d501434033d5d177e67d3aafdd0
34f7300c9ed47334cf10826d57af785321e3138b
b0cabcbfed4b1830ab1956efbd2eec32289a968323cb854a47ef98360ed0f522
GET /dyn-css/authorization.css?targetBlogID=7253118958113904302&zx=fa66f719-de44-46dd-9d68-0a79b4621351 HTTP/1.1
Host: www.blogger.com
User-Agent: Mozilla/5.0 (X11; Linux x86_64; rv:96.0) Gecko/20100101 Firefox/96.0
Accept: text/css,*/*;q=0.1
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
Connection: keep-alive
Referer: https://sampsonfornor.blogspot.com/
Sec-Fetch-Dest: style
Sec-Fetch-Mode: no-cors
Sec-Fetch-Site: cross-site
HTTP/2 200 OK
p3p: CP="This is not a P3P policy! See https://www.google.com/support/accounts/bin/answer.py?hl=en&answer=151657 for more info."
content-security-policy: script-src 'self' *.google.com *.google-analytics.com 'unsafe-inline' 'unsafe-eval' *.gstatic.com *.googlesyndication.com *.blogger.com *.googleapis.com uds.googleusercontent.com https://s.ytimg.com https://i18n-cloud.appspot.com https://www.youtube.com www-onepick-opensocial.googleusercontent.com www-bloggervideo-opensocial.googleusercontent.com www-blogger-opensocial.googleusercontent.com https://www.blogblog.com; report-uri /cspreport
content-type: text/css; charset=UTF-8
cache-control: no-cache, no-store, max-age=0, must-revalidate
pragma: no-cache
expires: Mon, 01 Jan 1990 00:00:00 GMT
date: Tue, 27 Sep 2022 12:56:31 GMT
last-modified: Tue, 27 Sep 2022 12:56:31 GMT
content-encoding: gzip
x-content-type-options: nosniff
x-frame-options: SAMEORIGIN
x-xss-protection: 1; mode=block
content-length: 21
server: GSE
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
X-Firefox-Spdy: h2
ocsp.digicert.com/
200 OK 471 B IP
Hash c3938cfdb6ecb99b3200a963987483e3
0d3b0d63dfe3372c0b97639e98b2a8f488d1b566
9be34309c3fcae760fc8bdf71cb397c7d25a43ec7a847e3ae2e127649af6d667
POST / HTTP/1.1
Host: ocsp.digicert.com
User-Agent: Mozilla/5.0 (X11; Linux x86_64; rv:96.0) Gecko/20100101 Firefox/96.0
Accept: */*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate
Content-Type: application/ocsp-request
Content-Length: 83
Connection: keep-alive
Pragma: no-cache
Cache-Control: no-cache
HTTP/1.1 200 OK
Accept-Ranges: bytes
Age: 5963
Cache-Control: 'max-age=158059'
Content-Type: application/ocsp-response
Date: Tue, 27 Sep 2022 12:56:32 GMT
Last-Modified: Tue, 27 Sep 2022 11:17:09 GMT
Server: ECS (amb/6BC1)
X-Cache: HIT
Content-Length: 471
ocsp.pki.goog/gts1c3
200 OK 472 B IP
Hash 5b7b66f5886a12421c3f3970bbf49d5a
13a31565fb5b2f1e75d67ba1ce09dae339f1c0e8
3ed8ffa99cefdf81381912b426c0ab9091fb5888836665d9012435965f99feba
POST /gts1c3 HTTP/1.1
Host: ocsp.pki.goog
User-Agent: Mozilla/5.0 (X11; Linux x86_64; rv:96.0) Gecko/20100101 Firefox/96.0
Accept: */*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate
Content-Type: application/ocsp-request
Content-Length: 84
Connection: keep-alive
Pragma: no-cache
Cache-Control: no-cache
HTTP/1.1 200 OK
Content-Type: application/ocsp-response
Date: Tue, 27 Sep 2022 12:56:32 GMT
Cache-Control: public, max-age=14400
Server: ocsp_responder
Content-Length: 472
X-XSS-Protection: 0
X-Frame-Options: SAMEORIGIN
www.google.com/recaptcha/api.js?trustedtypes=true&render=6LcdyMoZAAAAAFYwZAM4wZySTWVzr15BuInOVasu
200 OK 668 B URL HTTP/2 www.google.com/recaptcha/api.js?trustedtypes=true&render=6LcdyMoZAAAAAFYwZAM4wZySTWVzr15BuInOVasu
IP
File type ASCII text, with very long lines (1034), with no line terminators
Hash 80585e7d4f1510898eeba1ae4175a6fc
a5a6a723aecc70bc2f23ff11d05b10838c3f557b
c0d82c824a37384777d1493508b45b05f5286b3a8366377b43db8f0f84fc0eb8
GET /recaptcha/api.js?trustedtypes=true&render=6LcdyMoZAAAAAFYwZAM4wZySTWVzr15BuInOVasu HTTP/1.1
Host: www.google.com
User-Agent: Mozilla/5.0 (X11; Linux x86_64; rv:96.0) Gecko/20100101 Firefox/96.0
Accept: */*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
Referer: https://www.blogger.com/
Connection: keep-alive
Sec-Fetch-Dest: script
Sec-Fetch-Mode: no-cors
Sec-Fetch-Site: cross-site
HTTP/2 200 OK
expires: Tue, 27 Sep 2022 12:56:32 GMT
date: Tue, 27 Sep 2022 12:56:32 GMT
cache-control: private, max-age=300
content-type: text/javascript; charset=UTF-8
cross-origin-resource-policy: cross-origin
content-encoding: gzip
x-content-type-options: nosniff
x-frame-options: SAMEORIGIN
content-security-policy: frame-ancestors 'self'
x-xss-protection: 1; mode=block
content-length: 668
server: GSE
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
X-Firefox-Spdy: h2
www.gstatic.com/recaptcha/releases/ovmhLiigaw4D9ujHYlHcKKhP/recaptcha__en.js
200 OK 158 kB URL HTTP/2 www.gstatic.com/recaptcha/releases/ovmhLiigaw4D9ujHYlHcKKhP/recaptcha__en.js
IP
File type ASCII text, with very long lines (826)
Size 158 kB (158248 bytes)
Hash db1b5789e9915e9c82f5df92e5982980
2e193e502995501c85f45fd89d9f83707a7f9573
db9c82b18117d7cff0f674de758f5bbb39bc6dee969cee679c741090968b9206
GET /recaptcha/releases/ovmhLiigaw4D9ujHYlHcKKhP/recaptcha__en.js HTTP/1.1
Host: www.gstatic.com
User-Agent: Mozilla/5.0 (X11; Linux x86_64; rv:96.0) Gecko/20100101 Firefox/96.0
Accept: */*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
Referer: https://www.blogger.com/
Origin: https://www.blogger.com
Connection: keep-alive
Sec-Fetch-Dest: script
Sec-Fetch-Mode: cors
Sec-Fetch-Site: cross-site
TE: trailers
HTTP/2 200 OK
accept-ranges: bytes
vary: Accept-Encoding
content-encoding: gzip
access-control-allow-origin: *
content-security-policy-report-only: require-trusted-types-for 'script'; report-uri https://csp.withgoogle.com/csp/recaptcha
cross-origin-resource-policy: cross-origin
cross-origin-opener-policy: same-origin-allow-popups; report-to="recaptcha"
report-to: {"group":"recaptcha","max_age":2592000,"endpoints":[{"url":"https://csp.withgoogle.com/csp/report-to/recaptcha"}]}
content-length: 158248
x-content-type-options: nosniff
server: sffe
x-xss-protection: 0
date: Sun, 25 Sep 2022 22:25:55 GMT
expires: Mon, 25 Sep 2023 22:25:55 GMT
cache-control: public, max-age=31536000
last-modified: Mon, 19 Sep 2022 04:01:43 GMT
content-type: text/javascript
age: 138637
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
X-Firefox-Spdy: h2
ibikini.cyou/native2
307 Temporary Redirect 1 B IP
ASN #58487 Rumahweb Indonesia CV.
Hash eccbc87e4b5ce2fe28308fd9f2a7baf3
77de68daecd823babbb58edb1c8e14d7106e83bb
4e07408562bedb8b60ce05c1decfe3ad16b72230967de01f640b7e4729b49fce
GET /native2 HTTP/1.1
Host: ibikini.cyou
User-Agent: Mozilla/5.0 (X11; Linux x86_64; rv:96.0) Gecko/20100101 Firefox/96.0
Accept: */*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
Connection: keep-alive
Referer: https://sampsonfornor.blogspot.com/
Sec-Fetch-Dest: script
Sec-Fetch-Mode: no-cors
Sec-Fetch-Site: cross-site
HTTP/2 307 Temporary Redirect
x-robots-tag: noindex, nofollow
cache-control: no-store, no-cache, must-revalidate, max-age=0, post-check=0, pre-check=0
pragma: no-cache
expires: Mon, 07 Jul 1777 07:07:07 GMT
x-redirect-powered-by: Pretty Link Pro 3.2.4 http://prettylink.com
x-redirect-by: WordPress
set-cookie: prli_click_4=native2; expires=Thu, 27-Oct-2022 12:56:32 GMT; Max-Age=2592000; path=/
prli_visitor=6332f3000c06f; expires=Wed, 27-Sep-2023 12:56:32 GMT; Max-Age=31536000; path=/
location: https://annesuspense.com/87b30457de7ee06c41c2443ab2e5e148/invoke.js
vary: Accept-Encoding
content-encoding: br
content-length: 1
content-type: text/html; charset=UTF-8
date: Tue, 27 Sep 2022 12:56:31 GMT
server: Apache
X-Firefox-Spdy: h2
ibikini.cyou/dojoo
307 Temporary Redirect 1 B IP
ASN #58487 Rumahweb Indonesia CV.
Hash eccbc87e4b5ce2fe28308fd9f2a7baf3
77de68daecd823babbb58edb1c8e14d7106e83bb
4e07408562bedb8b60ce05c1decfe3ad16b72230967de01f640b7e4729b49fce
GET /dojoo HTTP/1.1
Host: ibikini.cyou
User-Agent: Mozilla/5.0 (X11; Linux x86_64; rv:96.0) Gecko/20100101 Firefox/96.0
Accept: */*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
Connection: keep-alive
Referer: https://sampsonfornor.blogspot.com/
Sec-Fetch-Dest: script
Sec-Fetch-Mode: no-cors
Sec-Fetch-Site: cross-site
HTTP/2 307 Temporary Redirect
x-robots-tag: noindex, nofollow
cache-control: no-store, no-cache, must-revalidate, max-age=0, post-check=0, pre-check=0
pragma: no-cache
expires: Mon, 07 Jul 1777 07:07:07 GMT
x-redirect-powered-by: Pretty Link Pro 3.2.4 http://prettylink.com
x-redirect-by: WordPress
set-cookie: prli_click_6=dojoo; expires=Thu, 27-Oct-2022 12:56:32 GMT; Max-Age=2592000; path=/
prli_visitor=6332f3000e4d7; expires=Wed, 27-Sep-2023 12:56:32 GMT; Max-Age=31536000; path=/
location: https://pop.dojo.cc/5832.js
vary: Accept-Encoding
content-encoding: br
content-length: 1
content-type: text/html; charset=UTF-8
date: Tue, 27 Sep 2022 12:56:31 GMT
server: Apache
X-Firefox-Spdy: h2
ocsp.digicert.com/
200 OK 471 B IP
Hash c3938cfdb6ecb99b3200a963987483e3
0d3b0d63dfe3372c0b97639e98b2a8f488d1b566
9be34309c3fcae760fc8bdf71cb397c7d25a43ec7a847e3ae2e127649af6d667
POST / HTTP/1.1
Host: ocsp.digicert.com
User-Agent: Mozilla/5.0 (X11; Linux x86_64; rv:96.0) Gecko/20100101 Firefox/96.0
Accept: */*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate
Content-Type: application/ocsp-request
Content-Length: 83
Connection: keep-alive
Pragma: no-cache
Cache-Control: no-cache
HTTP/1.1 200 OK
Cache-Control: 'max-age=158059'
Content-Type: application/ocsp-response
Date: Tue, 27 Sep 2022 12:56:32 GMT
Server: ECS (amb/6B97)
Content-Length: 471
ocsp.digicert.com/
200 OK 471 B IP
Hash c3938cfdb6ecb99b3200a963987483e3
0d3b0d63dfe3372c0b97639e98b2a8f488d1b566
9be34309c3fcae760fc8bdf71cb397c7d25a43ec7a847e3ae2e127649af6d667
POST / HTTP/1.1
Host: ocsp.digicert.com
User-Agent: Mozilla/5.0 (X11; Linux x86_64; rv:96.0) Gecko/20100101 Firefox/96.0
Accept: */*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate
Content-Type: application/ocsp-request
Content-Length: 83
Connection: keep-alive
Pragma: no-cache
Cache-Control: no-cache
HTTP/1.1 200 OK
Cache-Control: 'max-age=158059'
Content-Type: application/ocsp-response
Date: Tue, 27 Sep 2022 12:56:32 GMT
Server: ECS (amb/6BB8)
Content-Length: 471
lh3.googleusercontent.com/blogger_img_proxy/ANbyha0zVSKZCnWOXYDiyzlRg39p7lr0kVElce79fMh9Xwsavh2O2juWPo46FFvhaldvGuWbrMl8mFW0pTTEARkJcoCU7auPG-X2H8a1pmUlSKzIGYZF-j1RaNlgLICPJM4riaHA21gcE6LAzktPAFegsR0If-z5vHmeoSqq_UYk3LY0b2-TZ91LgLMsAjsHjTIh0RVcH8bY=w72-h72-p-k-no-nu
200 OK 1.3 kB URL HTTP/2 lh3.googleusercontent.com/blogger_img_proxy/ANbyha0zVSKZCnWOXYDiyzlRg39p7lr0kVElce79fMh9Xwsavh2O2juWPo46FFvhaldvGuWbrMl8mFW0pTTEARkJcoCU7auPG-X2H8a1pmUlSKzIGYZF-j1RaNlgLICPJM4riaHA21gcE6LAzktPAFegsR0If-z5vHmeoSqq_UYk3LY0b2-TZ91LgLMsAjsHjTIh0RVcH8bY=w72-h72-p-k-no-nu
IP
File type PNG image data, 72 x 72, 8-bit colormap, non-interlaced\012- data
Hash 505b036b1b65e6856341616dfa6c9cd2
49de524b907607f56f73ff1bfed1914489169ee0
10069859d7d916c45cd24a820c011313dbd6202e5ef40792111ac1df8115e807
GET /blogger_img_proxy/ANbyha0zVSKZCnWOXYDiyzlRg39p7lr0kVElce79fMh9Xwsavh2O2juWPo46FFvhaldvGuWbrMl8mFW0pTTEARkJcoCU7auPG-X2H8a1pmUlSKzIGYZF-j1RaNlgLICPJM4riaHA21gcE6LAzktPAFegsR0If-z5vHmeoSqq_UYk3LY0b2-TZ91LgLMsAjsHjTIh0RVcH8bY=w72-h72-p-k-no-nu HTTP/1.1
Host: lh3.googleusercontent.com
User-Agent: Mozilla/5.0 (X11; Linux x86_64; rv:96.0) Gecko/20100101 Firefox/96.0
Accept: image/avif,image/webp,*/*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
Connection: keep-alive
Referer: https://sampsonfornor.blogspot.com/
Sec-Fetch-Dest: image
Sec-Fetch-Mode: no-cors
Sec-Fetch-Site: cross-site
TE: trailers
HTTP/2 200 OK
access-control-expose-headers: Content-Length
expires: Wed, 28 Sep 2022 12:56:32 GMT
cache-control: public, max-age=86400, no-transform
content-disposition: inline;filename="unnamed.png"
content-type: image/png
vary: Origin
access-control-allow-origin: *
timing-allow-origin: *
x-content-type-options: nosniff
date: Tue, 27 Sep 2022 12:56:32 GMT
server: fife
content-length: 1306
x-xss-protection: 0
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
X-Firefox-Spdy: h2
ocsp.pki.goog/gts1c3
200 OK 472 B IP
Hash 4538701cf9bc34d908f50370beb922f4
df141b9c3ec626ecaba7c1899073a48b811c4113
61497b93eb237687a8fff5845a7a81aff2f2f53dc56f2d0818bfb98dd1256d6f
POST /gts1c3 HTTP/1.1
Host: ocsp.pki.goog
User-Agent: Mozilla/5.0 (X11; Linux x86_64; rv:96.0) Gecko/20100101 Firefox/96.0
Accept: */*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate
Content-Type: application/ocsp-request
Content-Length: 84
Connection: keep-alive
Pragma: no-cache
Cache-Control: no-cache
HTTP/1.1 200 OK
Content-Type: application/ocsp-response
Date: Tue, 27 Sep 2022 12:56:32 GMT
Cache-Control: public, max-age=14400
Server: ocsp_responder
Content-Length: 472
X-XSS-Protection: 0
X-Frame-Options: SAMEORIGIN
ocsp.pki.goog/gts1c3
200 OK 472 B IP
Hash 4538701cf9bc34d908f50370beb922f4
df141b9c3ec626ecaba7c1899073a48b811c4113
61497b93eb237687a8fff5845a7a81aff2f2f53dc56f2d0818bfb98dd1256d6f
POST /gts1c3 HTTP/1.1
Host: ocsp.pki.goog
User-Agent: Mozilla/5.0 (X11; Linux x86_64; rv:96.0) Gecko/20100101 Firefox/96.0
Accept: */*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate
Content-Type: application/ocsp-request
Content-Length: 84
Connection: keep-alive
Pragma: no-cache
Cache-Control: no-cache
HTTP/1.1 200 OK
Content-Type: application/ocsp-response
Date: Tue, 27 Sep 2022 12:56:32 GMT
Cache-Control: public, max-age=14400
Server: ocsp_responder
Content-Length: 472
X-XSS-Protection: 0
X-Frame-Options: SAMEORIGIN
ocsp.digicert.com/
200 OK 279 B IP
Hash 65a925a066b8c853d4082d0caff34122
151b7c07cf88fe2d798a1672bf3dadcdb0fee3a7
d4bc9d5307df0e3f57ca35f85a1e9c78c678f8c691473a96c415e79928021ed1
POST / HTTP/1.1
Host: ocsp.digicert.com
User-Agent: Mozilla/5.0 (X11; Linux x86_64; rv:96.0) Gecko/20100101 Firefox/96.0
Accept: */*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate
Content-Type: application/ocsp-request
Content-Length: 83
Connection: keep-alive
Pragma: no-cache
Cache-Control: no-cache
HTTP/1.1 200 OK
Accept-Ranges: bytes
Age: 6301
Cache-Control: 'max-age=158059'
Content-Type: application/ocsp-response
Date: Tue, 27 Sep 2022 12:56:32 GMT
Last-Modified: Tue, 27 Sep 2022 11:11:31 GMT
Server: ECS (amb/6BB8)
X-Cache: HIT
Content-Length: 279
play.google.com/log?format=json&hasfast=true&authuser=0
200 OK 0 B URL HTTP/2 play.google.com/log?format=json&hasfast=true&authuser=0
IP
Hash d41d8cd98f00b204e9800998ecf8427e
da39a3ee5e6b4b0d3255bfef95601890afd80709
e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855
OPTIONS /log?format=json&hasfast=true&authuser=0 HTTP/1.1
Host: play.google.com
User-Agent: Mozilla/5.0 (X11; Linux x86_64; rv:96.0) Gecko/20100101 Firefox/96.0
Accept: */*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
Access-Control-Request-Method: POST
Access-Control-Request-Headers: x-goog-authuser
Referer: https://www.blogger.com/
Origin: https://www.blogger.com
Connection: keep-alive
Sec-Fetch-Dest: empty
Sec-Fetch-Mode: cors
Sec-Fetch-Site: cross-site
HTTP/2 200 OK
access-control-allow-origin: https://www.blogger.com
access-control-allow-methods: GET, POST, OPTIONS
access-control-max-age: 86400
access-control-allow-credentials: true
access-control-allow-headers: X-Playlog-Web,authorization,origin,x-goog-authuser
content-type: text/plain; charset=UTF-8
date: Tue, 27 Sep 2022 12:56:32 GMT
server: Playlog
content-length: 0
x-xss-protection: 0
x-frame-options: SAMEORIGIN
set-cookie: CONSENT=PENDING+752; expires=Thu, 26-Sep-2024 12:56:32 GMT; path=/; domain=.google.com; Secure
p3p: CP="This is not a P3P policy! See g.co/p3phelp for more info."
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
expires: Tue, 27 Sep 2022 12:56:32 GMT
cache-control: private
X-Firefox-Spdy: h2
play.google.com/log?format=json&hasfast=true&authuser=0
200 OK 131 B URL HTTP/2 play.google.com/log?format=json&hasfast=true&authuser=0
IP
File type JSON data\012- , ASCII text, with no line terminators
Hash babb6f090aeebc6f421624475b4aefff
06079b7547949822c118224e51604f4c5ebf80c8
b2fe8b91f31edc7284cc9690e90dd4a38d985598374df68967d917590beb55dd
POST /log?format=json&hasfast=true&authuser=0 HTTP/1.1
Host: play.google.com
User-Agent: Mozilla/5.0 (X11; Linux x86_64; rv:96.0) Gecko/20100101 Firefox/96.0
Accept: */*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
Referer: https://www.blogger.com/
X-Goog-AuthUser: 0
Content-Type: application/x-www-form-urlencoded;charset=utf-8
Content-Length: 2974
Origin: https://www.blogger.com
Connection: keep-alive
Sec-Fetch-Dest: empty
Sec-Fetch-Mode: cors
Sec-Fetch-Site: cross-site
TE: trailers
HTTP/2 200 OK
access-control-allow-origin: https://www.blogger.com
cross-origin-resource-policy: cross-origin
access-control-allow-credentials: true
access-control-allow-headers: X-Playlog-Web
content-type: text/plain; charset=UTF-8
content-encoding: gzip
date: Tue, 27 Sep 2022 12:56:32 GMT
server: Playlog
cache-control: private
content-length: 131
x-xss-protection: 0
x-frame-options: SAMEORIGIN
set-cookie: CONSENT=PENDING+687; expires=Thu, 26-Sep-2024 12:56:32 GMT; path=/; domain=.google.com; Secure
p3p: CP="This is not a P3P policy! See g.co/p3phelp for more info."
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
expires: Tue, 27 Sep 2022 12:56:32 GMT
X-Firefox-Spdy: h2
ibikini.cyou/social2
307 Temporary Redirect 1 B IP
ASN #58487 Rumahweb Indonesia CV.
Hash eccbc87e4b5ce2fe28308fd9f2a7baf3
77de68daecd823babbb58edb1c8e14d7106e83bb
4e07408562bedb8b60ce05c1decfe3ad16b72230967de01f640b7e4729b49fce
GET /social2 HTTP/1.1
Host: ibikini.cyou
User-Agent: Mozilla/5.0 (X11; Linux x86_64; rv:96.0) Gecko/20100101 Firefox/96.0
Accept: */*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
Connection: keep-alive
Referer: https://sampsonfornor.blogspot.com/
Sec-Fetch-Dest: script
Sec-Fetch-Mode: no-cors
Sec-Fetch-Site: cross-site
HTTP/2 307 Temporary Redirect
x-robots-tag: noindex, nofollow
cache-control: no-store, no-cache, must-revalidate, max-age=0, post-check=0, pre-check=0
pragma: no-cache
expires: Mon, 07 Jul 1777 07:07:07 GMT
x-redirect-powered-by: Pretty Link Pro 3.2.4 http://prettylink.com
x-redirect-by: WordPress
set-cookie: prli_click_3=social2; expires=Thu, 27-Oct-2022 12:56:32 GMT; Max-Age=2592000; path=/
prli_visitor=6332f300349a9; expires=Wed, 27-Sep-2023 12:56:32 GMT; Max-Age=31536000; path=/
location: https://annesuspense.com/44/03/5c/44035c191f4c0ed7ba5fb93f9738442c.js
vary: Accept-Encoding
content-encoding: br
content-length: 1
content-type: text/html; charset=UTF-8
date: Tue, 27 Sep 2022 12:56:31 GMT
server: Apache
X-Firefox-Spdy: h2
lh3.googleusercontent.com/blogger_img_proxy/ANbyha3YfiUqNyL01m854LJcRSEAzjtwAEpCsS5oqEG_uFd0X8PG7cTMjtcHXnPTN_JQU27EJgPT-IYPSq9KGzracHd-Gpm0_oimnX6K6rUvZXadGU0REnneuTKH1K5B_zEzV4YM6HD4Vtd673rsm1kBIrClzGX9qTHm3R3_YC_ysFmaqw=s0-d
200 OK 45 kB URL HTTP/2 lh3.googleusercontent.com/blogger_img_proxy/ANbyha3YfiUqNyL01m854LJcRSEAzjtwAEpCsS5oqEG_uFd0X8PG7cTMjtcHXnPTN_JQU27EJgPT-IYPSq9KGzracHd-Gpm0_oimnX6K6rUvZXadGU0REnneuTKH1K5B_zEzV4YM6HD4Vtd673rsm1kBIrClzGX9qTHm3R3_YC_ysFmaqw=s0-d
IP
File type JPEG image data, JFIF standard 1.01, aspect ratio, density 1x1, segment length 16, baseline, precision 8, 300x407, components 3\012- data
Hash 74d3ae9ffa8187e009f945ed7b38502c
ce15fca42a87fa0af86d22caca8646d6225f71ac
404fef684b99cfa427bb7aaa7c3a158a6e3209107b149d5a4b07bd9223a6b939
GET /blogger_img_proxy/ANbyha3YfiUqNyL01m854LJcRSEAzjtwAEpCsS5oqEG_uFd0X8PG7cTMjtcHXnPTN_JQU27EJgPT-IYPSq9KGzracHd-Gpm0_oimnX6K6rUvZXadGU0REnneuTKH1K5B_zEzV4YM6HD4Vtd673rsm1kBIrClzGX9qTHm3R3_YC_ysFmaqw=s0-d HTTP/1.1
Host: lh3.googleusercontent.com
User-Agent: Mozilla/5.0 (X11; Linux x86_64; rv:96.0) Gecko/20100101 Firefox/96.0
Accept: image/avif,image/webp,*/*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
Connection: keep-alive
Referer: https://sampsonfornor.blogspot.com/
Sec-Fetch-Dest: image
Sec-Fetch-Mode: no-cors
Sec-Fetch-Site: cross-site
HTTP/2 200 OK
access-control-expose-headers: Content-Length
expires: Wed, 28 Sep 2022 12:56:32 GMT
cache-control: public, max-age=86400, no-transform
content-disposition: attachment;filename="unnamed.jpg"
content-type: image/jpeg
vary: Origin
access-control-allow-origin: *
timing-allow-origin: *
x-content-type-options: nosniff
date: Tue, 27 Sep 2022 12:56:32 GMT
server: fife
content-length: 45169
x-xss-protection: 0
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
X-Firefox-Spdy: h2
ocsp.digicert.com/
200 OK 279 B IP
Hash 65a925a066b8c853d4082d0caff34122
151b7c07cf88fe2d798a1672bf3dadcdb0fee3a7
d4bc9d5307df0e3f57ca35f85a1e9c78c678f8c691473a96c415e79928021ed1
POST / HTTP/1.1
Host: ocsp.digicert.com
User-Agent: Mozilla/5.0 (X11; Linux x86_64; rv:96.0) Gecko/20100101 Firefox/96.0
Accept: */*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate
Content-Type: application/ocsp-request
Content-Length: 83
Connection: keep-alive
Pragma: no-cache
Cache-Control: no-cache
HTTP/1.1 200 OK
Cache-Control: 'max-age=158059'
Content-Type: application/ocsp-response
Date: Tue, 27 Sep 2022 12:56:32 GMT
Server: ECS (amb/6B91)
Content-Length: 279
lh3.googleusercontent.com/blogger_img_proxy/ANbyha1vU8YGOB2RiDSCRXLR4tQ6F3FXee4S9zgrzuWDjSCxtvQ3R6j4UwuICq5bgnn3jPAl9BrGgaK0i5oP5ULCTWajbDPWmFtrQLSkEhs1gBqcLEQ4EU-s2yjMbW55fFFmdVrJpTUvLJNiP2FaiiAUzBI=w72-h72-p-k-no-nu
200 OK 4.3 kB URL HTTP/2 lh3.googleusercontent.com/blogger_img_proxy/ANbyha1vU8YGOB2RiDSCRXLR4tQ6F3FXee4S9zgrzuWDjSCxtvQ3R6j4UwuICq5bgnn3jPAl9BrGgaK0i5oP5ULCTWajbDPWmFtrQLSkEhs1gBqcLEQ4EU-s2yjMbW55fFFmdVrJpTUvLJNiP2FaiiAUzBI=w72-h72-p-k-no-nu
IP
File type JPEG image data, JFIF standard 1.01, aspect ratio, density 1x1, segment length 16, baseline, precision 8, 72x72, components 3\012- data
Hash cde4b561ddf11db7c797e18ab276a0a4
1f37521223f2a5864f723a5be10642db42638a7d
0be7c99c5697fff87b23cff7c042c615ac2e44ed756de2057c9aa49b0b9e4643
GET /blogger_img_proxy/ANbyha1vU8YGOB2RiDSCRXLR4tQ6F3FXee4S9zgrzuWDjSCxtvQ3R6j4UwuICq5bgnn3jPAl9BrGgaK0i5oP5ULCTWajbDPWmFtrQLSkEhs1gBqcLEQ4EU-s2yjMbW55fFFmdVrJpTUvLJNiP2FaiiAUzBI=w72-h72-p-k-no-nu HTTP/1.1
Host: lh3.googleusercontent.com
User-Agent: Mozilla/5.0 (X11; Linux x86_64; rv:96.0) Gecko/20100101 Firefox/96.0
Accept: image/avif,image/webp,*/*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
Connection: keep-alive
Referer: https://sampsonfornor.blogspot.com/
Sec-Fetch-Dest: image
Sec-Fetch-Mode: no-cors
Sec-Fetch-Site: cross-site
TE: trailers
HTTP/2 200 OK
access-control-expose-headers: Content-Length
expires: Wed, 28 Sep 2022 12:56:32 GMT
cache-control: public, max-age=86400, no-transform
content-disposition: inline;filename="unnamed.jpg"
content-type: image/jpeg
vary: Origin
access-control-allow-origin: *
timing-allow-origin: *
x-content-type-options: nosniff
date: Tue, 27 Sep 2022 12:56:32 GMT
server: fife
content-length: 4299
x-xss-protection: 0
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
X-Firefox-Spdy: h2
content.osgnetworks.tv/gunsandammo/content/photos/Anatomy-of-a-Scope-2.jpg
200 OK 74 kB URL HTTP/1.1 content.osgnetworks.tv/gunsandammo/content/photos/Anatomy-of-a-Scope-2.jpg
IP
File type JPEG image data, Exif standard: [TIFF image data, little-endian, direntries=0], baseline, precision 8, 770x513, components 3\012- data
Hash b3be4972c6af3a8446b7d70478a92e09
7cb1cf825ad819fabaefe6a51d29fc25af0e5c79
0d8acaffff1f9781c0dc8daf9b5241bfead38b6bbe88210c1bbfcc23bd49bf05
GET /gunsandammo/content/photos/Anatomy-of-a-Scope-2.jpg HTTP/1.1
Host: content.osgnetworks.tv
User-Agent: Mozilla/5.0 (X11; Linux x86_64; rv:96.0) Gecko/20100101 Firefox/96.0
Accept: image/avif,image/webp,*/*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
Connection: keep-alive
Referer: https://sampsonfornor.blogspot.com/
Sec-Fetch-Dest: image
Sec-Fetch-Mode: no-cors
Sec-Fetch-Site: cross-site
HTTP/1.1 200 OK
Cache-Control: max-age=86400
Content-Type: image/jpeg
Last-Modified: Mon, 20 Apr 2020 19:07:49 GMT
Accept-Ranges: bytes
ETag: "5dfaadfb4617d61:0"
Server: Microsoft-IIS/10.0
X-Powered-By: ASP.NET
Access-Control-Allow-Origin: *
Date: Tue, 27 Sep 2022 12:44:18 GMT
Content-Length: 73612
Connection: Keep-alive
Age: 733
content.osgnetworks.tv/gunsandammo/content/photos/Anatomy-of-a-Scope-3.jpg
200 OK 61 kB URL HTTP/1.1 content.osgnetworks.tv/gunsandammo/content/photos/Anatomy-of-a-Scope-3.jpg
IP
File type JPEG image data, Exif standard: [TIFF image data, little-endian, direntries=0], baseline, precision 8, 770x513, components 3\012- data
Hash 2827cf24106bdaa636a40b275b901ab7
6b1c29bc7bb22f437a970ef29e22b36aabaf8b5a
8cab19765ad0fa180e8c196aa0b5048f54fc0b04b2deea1fcf2fcf95eaaa1582
GET /gunsandammo/content/photos/Anatomy-of-a-Scope-3.jpg HTTP/1.1
Host: content.osgnetworks.tv
User-Agent: Mozilla/5.0 (X11; Linux x86_64; rv:96.0) Gecko/20100101 Firefox/96.0
Accept: image/avif,image/webp,*/*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
Connection: keep-alive
Referer: https://sampsonfornor.blogspot.com/
Sec-Fetch-Dest: image
Sec-Fetch-Mode: no-cors
Sec-Fetch-Site: cross-site
HTTP/1.1 200 OK
Cache-Control: max-age=86400
Content-Type: image/jpeg
Last-Modified: Mon, 20 Apr 2020 19:07:48 GMT
Accept-Ranges: bytes
ETag: "60368afb4617d61:0"
Server: Microsoft-IIS/10.0
X-Powered-By: ASP.NET
Access-Control-Allow-Origin: *
Date: Tue, 27 Sep 2022 12:44:18 GMT
Content-Length: 61104
Connection: Keep-alive
Age: 733
content.osgnetworks.tv/gunsandammo/content/photos/Anatomy-of-a-Scope-1.jpg
200 OK 52 kB URL HTTP/1.1 content.osgnetworks.tv/gunsandammo/content/photos/Anatomy-of-a-Scope-1.jpg
IP
File type JPEG image data, Exif standard: [TIFF image data, little-endian, direntries=0], baseline, precision 8, 770x539, components 3\012- data
Hash 0ea3b1f213e57c06c4c2b43f4dfda6e8
32b1cbc796bd2fc00098e2f42d3cec386af52130
4aadc929ba16a0896645c3b37afa74f3491203fb5e9b08a3d7d27244fe4442cb
GET /gunsandammo/content/photos/Anatomy-of-a-Scope-1.jpg HTTP/1.1
Host: content.osgnetworks.tv
User-Agent: Mozilla/5.0 (X11; Linux x86_64; rv:96.0) Gecko/20100101 Firefox/96.0
Accept: image/avif,image/webp,*/*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
Connection: keep-alive
Referer: https://sampsonfornor.blogspot.com/
Sec-Fetch-Dest: image
Sec-Fetch-Mode: no-cors
Sec-Fetch-Site: cross-site
HTTP/1.1 200 OK
Cache-Control: max-age=86400
Content-Type: image/jpeg
Last-Modified: Mon, 20 Apr 2020 19:07:49 GMT
Accept-Ranges: bytes
ETag: "bc48bcfb4617d61:0"
Server: Microsoft-IIS/10.0
X-Powered-By: ASP.NET
Access-Control-Allow-Origin: *
Date: Tue, 27 Sep 2022 12:44:18 GMT
Content-Length: 52081
Connection: Keep-alive
Age: 733
content.osgnetworks.tv/gunsandammo/content/photos/Anatomy-of-a-Scope-770.jpg
200 OK 70 kB URL HTTP/1.1 content.osgnetworks.tv/gunsandammo/content/photos/Anatomy-of-a-Scope-770.jpg
IP
File type JPEG image data, Exif standard: [TIFF image data, little-endian, direntries=0], baseline, precision 8, 770x513, components 3\012- data
Hash 7c5b3712f8c6e84f8a5e22dfd1efea0d
f01005bc6d36075567d2e791b399c36d8ed94e0f
892f39be4b0b1e0e50121477b51f047056f3fa2f22dada3dc2125a6ee5325a02
GET /gunsandammo/content/photos/Anatomy-of-a-Scope-770.jpg HTTP/1.1
Host: content.osgnetworks.tv
User-Agent: Mozilla/5.0 (X11; Linux x86_64; rv:96.0) Gecko/20100101 Firefox/96.0
Accept: image/avif,image/webp,*/*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
Connection: keep-alive
Referer: https://sampsonfornor.blogspot.com/
Sec-Fetch-Dest: image
Sec-Fetch-Mode: no-cors
Sec-Fetch-Site: cross-site
HTTP/1.1 200 OK
Cache-Control: max-age=86400
Content-Type: image/jpeg
Last-Modified: Mon, 20 Apr 2020 19:07:49 GMT
Accept-Ranges: bytes
ETag: "c58498fb4617d61:0"
Server: Microsoft-IIS/10.0
X-Powered-By: ASP.NET
Access-Control-Allow-Origin: *
Date: Tue, 27 Sep 2022 12:44:19 GMT
Content-Length: 69982
Connection: Keep-alive
Age: 733
r3.o.lencr.org/
200 OK 503 B IP
ASN #20940 Akamai International B.V.
Hash 5a6097201b7da81f6e9a6d99a7353a0c
d4240fe80c76013b9f7b6fd09963aa47151b8d6a
519e9b47ddfa1e1fe047f4dc7df88e3011817f88144fcc3853a7984a781c2070
POST / HTTP/1.1
Host: r3.o.lencr.org
User-Agent: Mozilla/5.0 (X11; Linux x86_64; rv:96.0) Gecko/20100101 Firefox/96.0
Accept: */*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate
Content-Type: application/ocsp-request
Content-Length: 85
Connection: keep-alive
Pragma: no-cache
Cache-Control: no-cache
HTTP/1.1 200 OK
Server: nginx
Content-Type: application/ocsp-response
Content-Length: 503
ETag: "519E9B47DDFA1E1FE047F4DC7DF88E3011817F88144FCC3853A7984A781C2070"
Last-Modified: Sun, 25 Sep 2022 22:00:00 UTC
Cache-Control: public, no-transform, must-revalidate, max-age=4423
Expires: Tue, 27 Sep 2022 14:10:15 GMT
Date: Tue, 27 Sep 2022 12:56:32 GMT
Connection: keep-alive
r3.o.lencr.org/
200 OK 503 B IP
ASN #20940 Akamai International B.V.
Hash 5a6097201b7da81f6e9a6d99a7353a0c
d4240fe80c76013b9f7b6fd09963aa47151b8d6a
519e9b47ddfa1e1fe047f4dc7df88e3011817f88144fcc3853a7984a781c2070
POST / HTTP/1.1
Host: r3.o.lencr.org
User-Agent: Mozilla/5.0 (X11; Linux x86_64; rv:96.0) Gecko/20100101 Firefox/96.0
Accept: */*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate
Content-Type: application/ocsp-request
Content-Length: 85
Connection: keep-alive
Pragma: no-cache
Cache-Control: no-cache
HTTP/1.1 200 OK
Server: nginx
Content-Type: application/ocsp-response
Content-Length: 503
ETag: "519E9B47DDFA1E1FE047F4DC7DF88E3011817F88144FCC3853A7984A781C2070"
Last-Modified: Sun, 25 Sep 2022 22:00:00 UTC
Cache-Control: public, no-transform, must-revalidate, max-age=4423
Expires: Tue, 27 Sep 2022 14:10:15 GMT
Date: Tue, 27 Sep 2022 12:56:32 GMT
Connection: keep-alive
r3.o.lencr.org/
200 OK 503 B IP
ASN #20940 Akamai International B.V.
Hash 5a6097201b7da81f6e9a6d99a7353a0c
d4240fe80c76013b9f7b6fd09963aa47151b8d6a
519e9b47ddfa1e1fe047f4dc7df88e3011817f88144fcc3853a7984a781c2070
POST / HTTP/1.1
Host: r3.o.lencr.org
User-Agent: Mozilla/5.0 (X11; Linux x86_64; rv:96.0) Gecko/20100101 Firefox/96.0
Accept: */*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate
Content-Type: application/ocsp-request
Content-Length: 85
Connection: keep-alive
Pragma: no-cache
Cache-Control: no-cache
HTTP/1.1 200 OK
Server: nginx
Content-Type: application/ocsp-response
Content-Length: 503
ETag: "519E9B47DDFA1E1FE047F4DC7DF88E3011817F88144FCC3853A7984A781C2070"
Last-Modified: Sun, 25 Sep 2022 22:00:00 UTC
Cache-Control: public, no-transform, must-revalidate, max-age=4423
Expires: Tue, 27 Sep 2022 14:10:15 GMT
Date: Tue, 27 Sep 2022 12:56:32 GMT
Connection: keep-alive
img-getpocket.cdn.mozilla.net/296x148/filters:format(jpeg):quality(60):no_upscale():strip_exif()/https%3A%2F%2Fs3.amazonaws.com%2Fpocket-curatedcorpusapi-prod-images%2F79631135-a10c-43bf-85d2-fa2236b96883.jpeg
200 OK 13 kB URL HTTP/2 img-getpocket.cdn.mozilla.net/296x148/filters:format(jpeg):quality(60):no_upscale():strip_exif()/https%3A%2F%2Fs3.amazonaws.com%2Fpocket-curatedcorpusapi-prod-images%2F79631135-a10c-43bf-85d2-fa2236b96883.jpeg
IP
File type JPEG image data, JFIF standard 1.01, aspect ratio, density 1x1, segment length 16, progressive, precision 8, 296x148, components 3\012- data
Hash 62e68c3cd08dd94d910507512a67e85f
3d4fa8701f17e8818c25584ef5f04bfbee8440cd
058d798963f83f5fb88ab728185f755c5353fa981d93e1b6ff869089f501586b
GET /296x148/filters:format(jpeg):quality(60):no_upscale():strip_exif()/https%3A%2F%2Fs3.amazonaws.com%2Fpocket-curatedcorpusapi-prod-images%2F79631135-a10c-43bf-85d2-fa2236b96883.jpeg HTTP/1.1
Host: img-getpocket.cdn.mozilla.net
User-Agent: Mozilla/5.0 (X11; Linux x86_64; rv:96.0) Gecko/20100101 Firefox/96.0
Accept: image/avif,image/webp,*/*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
Origin: null
Connection: keep-alive
Sec-Fetch-Dest: image
Sec-Fetch-Mode: cors
Sec-Fetch-Site: cross-site
HTTP/2 200 OK
server: nginx
content-length: 13213
x-amzn-requestid: 09f8fee2-6830-4bec-af40-f2fb6547bc63
x-xss-protection: 1; mode=block
access-control-allow-origin: *
strict-transport-security: max-age=63072000; includeSubdomains; preload
x-frame-options: DENY
content-security-policy: default-src 'none'; img-src 'self'; script-src 'self'; style-src 'self'; object-src 'none'
x-amz-apigw-id: ZFkreH5poAMFdxg=
x-content-type-options: nosniff
x-amzn-trace-id: Root=1-63321b16-0afbf5e01a013e6f0db53da1;Sampled=0
x-amzn-remapped-date: Mon, 26 Sep 2022 21:35:18 GMT
x-amz-cf-pop: HIO50-C1, SEA73-P1
x-cache: Miss from cloudfront
x-amz-cf-id: CwkfEPDseHez7mArqwz8tmC3WHFwXAZF1OSColucaQ5vG2hvBIDWOg==
via: 1.1 0c96ded7ff282d2dbcf47c918b6bb500.cloudfront.net (CloudFront), 1.1 28390a4d24ed4fdccd685d99cd06cf4e.cloudfront.net (CloudFront), 1.1 google
date: Mon, 26 Sep 2022 21:42:47 GMT
age: 54825
etag: "3d4fa8701f17e8818c25584ef5f04bfbee8440cd"
content-type: image/jpeg
cache-control: max-age=3600,public,public
alt-svc: clear
X-Firefox-Spdy: h2
img-getpocket.cdn.mozilla.net/296x148/filters:format(jpeg):quality(60):no_upscale():strip_exif()/https%3A%2F%2Fs3.amazonaws.com%2Fpocket-curatedcorpusapi-prod-images%2F1bfe3adc-1955-4f21-9e44-c0bc53a4edc5.jpeg
200 OK 9.2 kB URL HTTP/2 img-getpocket.cdn.mozilla.net/296x148/filters:format(jpeg):quality(60):no_upscale():strip_exif()/https%3A%2F%2Fs3.amazonaws.com%2Fpocket-curatedcorpusapi-prod-images%2F1bfe3adc-1955-4f21-9e44-c0bc53a4edc5.jpeg
IP
File type JPEG image data, JFIF standard 1.01, aspect ratio, density 1x1, segment length 16, progressive, precision 8, 296x148, components 3\012- data
Hash deb8d1e3b6d7fbc8c8ba478269621676
84f5a4c8b38acde814bc790e5b514347718d5bb9
ed14fa766f0708b4166e83b61f160db5671af430917b7c67184bf18d9208742b
GET /296x148/filters:format(jpeg):quality(60):no_upscale():strip_exif()/https%3A%2F%2Fs3.amazonaws.com%2Fpocket-curatedcorpusapi-prod-images%2F1bfe3adc-1955-4f21-9e44-c0bc53a4edc5.jpeg HTTP/1.1
Host: img-getpocket.cdn.mozilla.net
User-Agent: Mozilla/5.0 (X11; Linux x86_64; rv:96.0) Gecko/20100101 Firefox/96.0
Accept: image/avif,image/webp,*/*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
Origin: null
Connection: keep-alive
Sec-Fetch-Dest: image
Sec-Fetch-Mode: cors
Sec-Fetch-Site: cross-site
HTTP/2 200 OK
server: nginx
content-length: 9163
x-amzn-requestid: 8ccd9b1f-bef9-4591-be32-e6dd98f4ee78
x-xss-protection: 1; mode=block
access-control-allow-origin: *
strict-transport-security: max-age=63072000; includeSubdomains; preload
x-frame-options: DENY
content-security-policy: default-src 'none'; img-src 'self'; script-src 'self'; style-src 'self'; object-src 'none'
x-amz-apigw-id: ZFlKpEZrIAMFS1Q=
x-content-type-options: nosniff
x-amzn-trace-id: Root=1-63321bdd-4a40b9c8281b64c725fec0f1;Sampled=0
x-amzn-remapped-date: Mon, 26 Sep 2022 21:38:37 GMT
x-amz-cf-pop: HIO50-C1, SEA73-P1
x-cache: Hit from cloudfront
x-amz-cf-id: Lf6qqokEw32egp3ofmJGtUTAt3RD2f9rVq5gskbhrk_VFGweeo0oCQ==
via: 1.1 e291f351a18746d40754b367095a2872.cloudfront.net (CloudFront), 1.1 09331f0822fc98eebaf04130a83dbd44.cloudfront.net (CloudFront), 1.1 google
date: Mon, 26 Sep 2022 21:49:18 GMT
age: 54434
etag: "84f5a4c8b38acde814bc790e5b514347718d5bb9"
content-type: image/jpeg
cache-control: max-age=3600,public,public
alt-svc: clear
X-Firefox-Spdy: h2
img-getpocket.cdn.mozilla.net/296x148/filters:format(jpeg):quality(60):no_upscale():strip_exif()/https%3A%2F%2Fs3.amazonaws.com%2Fpocket-curatedcorpusapi-prod-images%2F2517fd65-65c6-43b1-93a6-b1205ba3f0f8.jpeg
200 OK 7.5 kB URL HTTP/2 img-getpocket.cdn.mozilla.net/296x148/filters:format(jpeg):quality(60):no_upscale():strip_exif()/https%3A%2F%2Fs3.amazonaws.com%2Fpocket-curatedcorpusapi-prod-images%2F2517fd65-65c6-43b1-93a6-b1205ba3f0f8.jpeg
IP
File type JPEG image data, JFIF standard 1.01, aspect ratio, density 1x1, segment length 16, progressive, precision 8, 296x148, components 3\012- data
Hash 5274e770cb5a704916c8965659709f4a
1a26007f761e439db575fb80fb403031260aecf4
e36e8be75c92feb9b416a46c5918356d8f9694894a799b7c10de21034d33d5ef
GET /296x148/filters:format(jpeg):quality(60):no_upscale():strip_exif()/https%3A%2F%2Fs3.amazonaws.com%2Fpocket-curatedcorpusapi-prod-images%2F2517fd65-65c6-43b1-93a6-b1205ba3f0f8.jpeg HTTP/1.1
Host: img-getpocket.cdn.mozilla.net
User-Agent: Mozilla/5.0 (X11; Linux x86_64; rv:96.0) Gecko/20100101 Firefox/96.0
Accept: image/avif,image/webp,*/*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
Origin: null
Connection: keep-alive
Sec-Fetch-Dest: image
Sec-Fetch-Mode: cors
Sec-Fetch-Site: cross-site
HTTP/2 200 OK
server: nginx
content-length: 7455
x-amzn-requestid: 0887cd56-f324-46cf-a086-709e1c66f354
x-xss-protection: 1; mode=block
access-control-allow-origin: *
strict-transport-security: max-age=63072000; includeSubdomains; preload
x-frame-options: DENY
content-security-policy: default-src 'none'; img-src 'self'; script-src 'self'; style-src 'self'; object-src 'none'
x-amz-apigw-id: ZGBTdHmhoAMFvIw=
x-content-type-options: nosniff
x-amzn-trace-id: Root=1-633248e2-42391706084f335228fe3994;Sampled=0
x-amzn-remapped-date: Tue, 27 Sep 2022 00:50:42 GMT
x-amz-cf-pop: HIO50-C1, SEA73-P1
x-cache: Miss from cloudfront
x-amz-cf-id: vx-yM_jeJvOaa1UizK5OoDJFkvKnajg2ezLF2l2qnN_OhdTE6I4taQ==
via: 1.1 112c6b3f9aea37a6cb00b7d933e5af6e.cloudfront.net (CloudFront), 1.1 b13f158bdf9805ca47e07c0c35870c12.cloudfront.net (CloudFront), 1.1 google
date: Tue, 27 Sep 2022 01:05:55 GMT
etag: "1a26007f761e439db575fb80fb403031260aecf4"
content-type: image/jpeg
age: 42637
cache-control: max-age=3600,public,public
alt-svc: clear
X-Firefox-Spdy: h2
r3.o.lencr.org/
200 OK 503 B IP
ASN #20940 Akamai International B.V.
Hash 329a3879b2cd6c4e1ddb54bce3d421ed
26c18fd84cf0ec176882e24f79852142c615b26c
bf1c6ea5abe17e197f45b5eaf100a3973e82af082dc22e9929bcdd71af496826
POST / HTTP/1.1
Host: r3.o.lencr.org
User-Agent: Mozilla/5.0 (X11; Linux x86_64; rv:96.0) Gecko/20100101 Firefox/96.0
Accept: */*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate
Content-Type: application/ocsp-request
Content-Length: 85
Connection: keep-alive
Pragma: no-cache
Cache-Control: no-cache
HTTP/1.1 200 OK
Server: nginx
Content-Type: application/ocsp-response
Content-Length: 503
ETag: "BF1C6EA5ABE17E197F45B5EAF100A3973E82AF082DC22E9929BCDD71AF496826"
Last-Modified: Mon, 26 Sep 2022 20:00:00 UTC
Cache-Control: public, no-transform, must-revalidate, max-age=13925
Expires: Tue, 27 Sep 2022 16:48:37 GMT
Date: Tue, 27 Sep 2022 12:56:32 GMT
Connection: keep-alive
img-getpocket.cdn.mozilla.net/296x148/filters:format(jpeg):quality(60):no_upscale():strip_exif()/https%3A%2F%2Fs3.amazonaws.com%2Fpocket-curatedcorpusapi-prod-images%2Fdc9985e6-5fe2-4d64-8060-3ea9e7ea528d.jpeg
200 OK 10 kB URL HTTP/2 img-getpocket.cdn.mozilla.net/296x148/filters:format(jpeg):quality(60):no_upscale():strip_exif()/https%3A%2F%2Fs3.amazonaws.com%2Fpocket-curatedcorpusapi-prod-images%2Fdc9985e6-5fe2-4d64-8060-3ea9e7ea528d.jpeg
IP
File type JPEG image data, JFIF standard 1.01, aspect ratio, density 1x1, segment length 16, progressive, precision 8, 296x148, components 3\012- data
Hash a90590f26bae9ad9e95ffdfbfb7dd21d
cde7845f38c4c077f1f1cfda1d1e3b00065d3ac3
33fe3394213e01d11c3e005cb5a678ba74511704d4132fc2bd9f7ad4e1b7dbfc
GET /296x148/filters:format(jpeg):quality(60):no_upscale():strip_exif()/https%3A%2F%2Fs3.amazonaws.com%2Fpocket-curatedcorpusapi-prod-images%2Fdc9985e6-5fe2-4d64-8060-3ea9e7ea528d.jpeg HTTP/1.1
Host: img-getpocket.cdn.mozilla.net
User-Agent: Mozilla/5.0 (X11; Linux x86_64; rv:96.0) Gecko/20100101 Firefox/96.0
Accept: image/avif,image/webp,*/*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
Origin: null
Connection: keep-alive
Sec-Fetch-Dest: image
Sec-Fetch-Mode: cors
Sec-Fetch-Site: cross-site
HTTP/2 200 OK
server: nginx
content-length: 10318
x-amzn-requestid: 6a205445-8a9e-4f25-b144-ba6e6934d383
x-xss-protection: 1; mode=block
access-control-allow-origin: *
strict-transport-security: max-age=63072000; includeSubdomains; preload
x-frame-options: DENY
content-security-policy: default-src 'none'; img-src 'self'; script-src 'self'; style-src 'self'; object-src 'none'
x-amz-apigw-id: ZCSlhFNAIAMFmBA=
x-content-type-options: nosniff
x-amzn-trace-id: Root=1-6330caef-61ecbf9154cd56131b940ac0;Sampled=0
x-amzn-remapped-date: Sun, 25 Sep 2022 21:41:04 GMT
x-amz-cf-pop: HIO50-C1, SEA73-P1
x-cache: Miss from cloudfront
x-amz-cf-id: qP5-TglQAoTGc78-rIK27mKRTS_WthN0OpiiMqSF-y2rmWxVOyfNVw==
via: 1.1 d83ae0e1ba84e92e58bc1efc23a0c652.cloudfront.net (CloudFront), 1.1 5fe5f2a3903f1378941d92eceaf3fa16.cloudfront.net (CloudFront), 1.1 google
date: Mon, 26 Sep 2022 21:02:24 GMT
age: 57248
etag: "cde7845f38c4c077f1f1cfda1d1e3b00065d3ac3"
content-type: image/jpeg
cache-control: max-age=3600,public,public
alt-svc: clear
X-Firefox-Spdy: h2
img-getpocket.cdn.mozilla.net/296x148/filters:format(jpeg):quality(60):no_upscale():strip_exif()/https%3A%2F%2Fs3.amazonaws.com%2Fpocket-curatedcorpusapi-prod-images%2F171029d0-40d4-47b3-8936-8ba3b16b3212.jpeg
200 OK 10 kB URL HTTP/2 img-getpocket.cdn.mozilla.net/296x148/filters:format(jpeg):quality(60):no_upscale():strip_exif()/https%3A%2F%2Fs3.amazonaws.com%2Fpocket-curatedcorpusapi-prod-images%2F171029d0-40d4-47b3-8936-8ba3b16b3212.jpeg
IP
File type JPEG image data, JFIF standard 1.01, aspect ratio, density 1x1, segment length 16, progressive, precision 8, 296x148, components 3\012- data
Hash 347dca206e13a3b13953f0ab398310b4
be60bbc96c832ae385cc9ae5828bd32703011b21
f6da888a54a0c6c73466f2c2a72dd875514a39d81b760a6b0116b4dd56ef31dd
GET /296x148/filters:format(jpeg):quality(60):no_upscale():strip_exif()/https%3A%2F%2Fs3.amazonaws.com%2Fpocket-curatedcorpusapi-prod-images%2F171029d0-40d4-47b3-8936-8ba3b16b3212.jpeg HTTP/1.1
Host: img-getpocket.cdn.mozilla.net
User-Agent: Mozilla/5.0 (X11; Linux x86_64; rv:96.0) Gecko/20100101 Firefox/96.0
Accept: image/avif,image/webp,*/*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
Origin: null
Connection: keep-alive
Sec-Fetch-Dest: image
Sec-Fetch-Mode: cors
Sec-Fetch-Site: cross-site
HTTP/2 200 OK
server: nginx
content-length: 10211
x-amzn-requestid: 3ea4ac84-2465-4bd1-8ade-863de3c9576e
x-xss-protection: 1; mode=block
access-control-allow-origin: *
strict-transport-security: max-age=63072000; includeSubdomains; preload
x-frame-options: DENY
content-security-policy: default-src 'none'; img-src 'self'; script-src 'self'; style-src 'self'; object-src 'none'
x-amz-apigw-id: YbfSuGoQoAMF9oQ=
x-content-type-options: nosniff
x-amzn-trace-id: Root=1-632145aa-7843b82728ead9a053c689d1;Sampled=0
x-amzn-remapped-date: Wed, 14 Sep 2022 03:08:26 GMT
x-amz-cf-pop: SEA73-P1
x-cache: Hit from cloudfront
x-amz-cf-id: MMrek5LO9ukZjB6VV-5McuE_maDzwTOihucz0kwxuaTJMNOpTchoJA==
via: 1.1 86b676273517904f44af31586adb06ae.cloudfront.net (CloudFront), 1.1 e80693c02cfdfd081110512210d57840.cloudfront.net (CloudFront), 1.1 google
date: Mon, 26 Sep 2022 21:52:00 GMT
age: 54272
etag: "be60bbc96c832ae385cc9ae5828bd32703011b21"
content-type: image/jpeg
cache-control: max-age=3600,public,public
alt-svc: clear
X-Firefox-Spdy: h2
img-getpocket.cdn.mozilla.net/296x148/filters:format(jpeg):quality(60):no_upscale():strip_exif()/https%3A%2F%2Fs3.amazonaws.com%2Fpocket-curatedcorpusapi-prod-images%2F658e1cdd-3e54-47dd-9724-ec65659721ea.jpeg
200 OK 6.4 kB URL HTTP/2 img-getpocket.cdn.mozilla.net/296x148/filters:format(jpeg):quality(60):no_upscale():strip_exif()/https%3A%2F%2Fs3.amazonaws.com%2Fpocket-curatedcorpusapi-prod-images%2F658e1cdd-3e54-47dd-9724-ec65659721ea.jpeg
IP
File type JPEG image data, JFIF standard 1.01, aspect ratio, density 1x1, segment length 16, progressive, precision 8, 296x148, components 3\012- data
Hash 14218a43c5e5bbce546735a780c8ccce
61676358cdbb2373bc644e66f8a84fbc8cc5daf6
905b1c30a2273aef69904f2eb1451c756fc1fdba02e86ea5c957629dd056aeda
GET /296x148/filters:format(jpeg):quality(60):no_upscale():strip_exif()/https%3A%2F%2Fs3.amazonaws.com%2Fpocket-curatedcorpusapi-prod-images%2F658e1cdd-3e54-47dd-9724-ec65659721ea.jpeg HTTP/1.1
Host: img-getpocket.cdn.mozilla.net
User-Agent: Mozilla/5.0 (X11; Linux x86_64; rv:96.0) Gecko/20100101 Firefox/96.0
Accept: image/avif,image/webp,*/*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
Origin: null
Connection: keep-alive
Sec-Fetch-Dest: image
Sec-Fetch-Mode: cors
Sec-Fetch-Site: cross-site
HTTP/2 200 OK
server: nginx
content-length: 6390
x-amzn-requestid: b2681ff8-ab83-41e6-adef-3e6772c93c3f
x-xss-protection: 1; mode=block
access-control-allow-origin: *
strict-transport-security: max-age=63072000; includeSubdomains; preload
x-frame-options: DENY
content-security-policy: default-src 'none'; img-src 'self'; script-src 'self'; style-src 'self'; object-src 'none'
x-amz-apigw-id: ZGFJ6Gc_oAMF44g=
x-content-type-options: nosniff
x-amzn-trace-id: Root=1-63324f0c-3dbf9f4e2047567b5abdbe74;Sampled=0
x-amzn-remapped-date: Tue, 27 Sep 2022 01:17:00 GMT
x-amz-cf-pop: HIO50-C1, SEA73-P1
x-cache: Hit from cloudfront
x-amz-cf-id: 8JXEBo_L_xKuKdeoOXEJ6FO7ZVsZVQzUmQFe7fYcxaHRQNEq1HWp6w==
via: 1.1 ddd913fbbe7367d44af4ac06097e7a2a.cloudfront.net (CloudFront), 1.1 28390a4d24ed4fdccd685d99cd06cf4e.cloudfront.net (CloudFront), 1.1 google
date: Tue, 27 Sep 2022 01:25:52 GMT
age: 41440
etag: "61676358cdbb2373bc644e66f8a84fbc8cc5daf6"
content-type: image/jpeg
cache-control: max-age=3600,public,public
alt-svc: clear
X-Firefox-Spdy: h2
r3.o.lencr.org/
200 OK 503 B IP
ASN #20940 Akamai International B.V.
Hash 329a3879b2cd6c4e1ddb54bce3d421ed
26c18fd84cf0ec176882e24f79852142c615b26c
bf1c6ea5abe17e197f45b5eaf100a3973e82af082dc22e9929bcdd71af496826
POST / HTTP/1.1
Host: r3.o.lencr.org
User-Agent: Mozilla/5.0 (X11; Linux x86_64; rv:96.0) Gecko/20100101 Firefox/96.0
Accept: */*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate
Content-Type: application/ocsp-request
Content-Length: 85
Connection: keep-alive
Pragma: no-cache
Cache-Control: no-cache
HTTP/1.1 200 OK
Server: nginx
Content-Type: application/ocsp-response
Content-Length: 503
ETag: "BF1C6EA5ABE17E197F45B5EAF100A3973E82AF082DC22E9929BCDD71AF496826"
Last-Modified: Mon, 26 Sep 2022 20:00:00 UTC
Cache-Control: public, no-transform, must-revalidate, max-age=5123
Expires: Tue, 27 Sep 2022 14:21:55 GMT
Date: Tue, 27 Sep 2022 12:56:32 GMT
Connection: keep-alive
annesuspense.com/87b30457de7ee06c41c2443ab2e5e148/invoke.js
200 OK 9.3 kB URL HTTP/1.1 annesuspense.com/87b30457de7ee06c41c2443ab2e5e148/invoke.js
IP
ASN #39572 DataWeb Global Group B.V.
File type Unicode text, UTF-8 text, with very long lines (25070), with no line terminators
Hash b226c16bec1df3f4f49733bbeb01d257
85c5e2c08e3633fcf1601c0e2f49ff8f4e6c9524
fcd240b64835547e2a6be000a75ba6b57ee6b666a80835f362f5b4ca5c9a0ec5
Analyzer Verdict Alert quad9 Sinkholed
GET /87b30457de7ee06c41c2443ab2e5e148/invoke.js HTTP/1.1
Host: annesuspense.com
User-Agent: Mozilla/5.0 (X11; Linux x86_64; rv:96.0) Gecko/20100101 Firefox/96.0
Accept: */*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
Referer: https://sampsonfornor.blogspot.com/
Connection: keep-alive
Sec-Fetch-Dest: script
Sec-Fetch-Mode: no-cors
Sec-Fetch-Site: cross-site
HTTP/1.1 200 OK
Server: nginx/1.17.6
Date: Tue, 27 Sep 2022 12:56:32 GMT
Content-Type: application/javascript
Transfer-Encoding: chunked
Connection: keep-alive
P3P: CP="IDC DSP COR ADM DEVi TAIi PSA PSD IVAi IVDi CONi HIS OUR IND CNT"
Access-Control-Allow-Origin: *
Accept-CH: Device-Stock-UA,Sec-CH-UA-Full-Version-ListSec-CH-UA-MobileSec-CH-UA-Platform,Sec-CH-UA-Mobile,Sec-CH-UA-Platform,Sec-CH-UA-PlatformSec-CH-UA-ModelSec-CH-UA-Mobile,Sec-CH-UA-PlatformSec-CH-UA-Platform-Version,Sec-CH-UASec-CH-UA-MobileSec-CH-UA-Platform,User-Agent,X-Device-User-Agent,X-OperaMini-Phone-UA,X-UCBrowser-Device-UA
Expires: Thu, 01 Jan 1970 00:00:01 GMT
Cache-Control: no-cache
X-Request-ID: 2abf16a9e005a0e031d5890c47be8a82
Strict-Transport-Security: max-age=0; includeSubdomains
Content-Encoding: gzip
lh3.googleusercontent.com/blogger_img_proxy/ANbyha14rD-sFEHP4Lxbul2sVwawITAMziMXv17kfjEYdTQKP7MlAaoh2VsUh4xyk48cc7aXd8k4O-b-9wIemTpD15glz1Jr2qO7g9_ahjwKdfXDQU9CRDP7HxtSMSTTaHn7AIU4cqt3j3AMOxrvvNgW2PDjczvsOleoIA=w72-h72-p-k-no-nu
200 OK 3.1 kB URL HTTP/2 lh3.googleusercontent.com/blogger_img_proxy/ANbyha14rD-sFEHP4Lxbul2sVwawITAMziMXv17kfjEYdTQKP7MlAaoh2VsUh4xyk48cc7aXd8k4O-b-9wIemTpD15glz1Jr2qO7g9_ahjwKdfXDQU9CRDP7HxtSMSTTaHn7AIU4cqt3j3AMOxrvvNgW2PDjczvsOleoIA=w72-h72-p-k-no-nu
IP
File type JPEG image data, JFIF standard 1.01, aspect ratio, density 1x1, segment length 16, baseline, precision 8, 72x72, components 3\012- data
Hash 5b5b1e097c6304cf1313d8315c35873e
4547e38f38663bb1cdac14bbb20ccb21933e1a94
38dd47b18332be496d75be68784a72669ea4f7ba5369a017ba56166c4e75adab
GET /blogger_img_proxy/ANbyha14rD-sFEHP4Lxbul2sVwawITAMziMXv17kfjEYdTQKP7MlAaoh2VsUh4xyk48cc7aXd8k4O-b-9wIemTpD15glz1Jr2qO7g9_ahjwKdfXDQU9CRDP7HxtSMSTTaHn7AIU4cqt3j3AMOxrvvNgW2PDjczvsOleoIA=w72-h72-p-k-no-nu HTTP/1.1
Host: lh3.googleusercontent.com
User-Agent: Mozilla/5.0 (X11; Linux x86_64; rv:96.0) Gecko/20100101 Firefox/96.0
Accept: image/avif,image/webp,*/*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
Connection: keep-alive
Referer: https://sampsonfornor.blogspot.com/
Sec-Fetch-Dest: image
Sec-Fetch-Mode: no-cors
Sec-Fetch-Site: cross-site
TE: trailers
HTTP/2 200 OK
access-control-expose-headers: Content-Length
expires: Wed, 28 Sep 2022 12:56:33 GMT
cache-control: public, max-age=86400, no-transform
content-disposition: inline;filename="unnamed.jpg"
content-type: image/jpeg
vary: Origin
access-control-allow-origin: *
timing-allow-origin: *
x-content-type-options: nosniff
date: Tue, 27 Sep 2022 12:56:33 GMT
server: fife
content-length: 3142
x-xss-protection: 0
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
X-Firefox-Spdy: h2
annesuspense.com/44/03/5c/44035c191f4c0ed7ba5fb93f9738442c.js
200 OK 13 kB URL HTTP/1.1 annesuspense.com/44/03/5c/44035c191f4c0ed7ba5fb93f9738442c.js
IP
ASN #39572 DataWeb Global Group B.V.
File type ASCII text, with very long lines (37124), with no line terminators
Hash 1b920591d4d02d0571d0fcbf016fcc16
5875eaf2badeccbd44e1b635a6e2887800f7fb5f
355dc60755903187a3151bf2fbffbcc0c6986687eab9089c88a86225fc607e31
Analyzer Verdict Alert quad9 Sinkholed
GET /44/03/5c/44035c191f4c0ed7ba5fb93f9738442c.js HTTP/1.1
Host: annesuspense.com
User-Agent: Mozilla/5.0 (X11; Linux x86_64; rv:96.0) Gecko/20100101 Firefox/96.0
Accept: */*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
Referer: https://sampsonfornor.blogspot.com/
Connection: keep-alive
Sec-Fetch-Dest: script
Sec-Fetch-Mode: no-cors
Sec-Fetch-Site: cross-site
HTTP/1.1 200 OK
Server: nginx/1.17.6
Date: Tue, 27 Sep 2022 12:56:32 GMT
Content-Type: application/javascript
Transfer-Encoding: chunked
Connection: keep-alive
P3P: CP="IDC DSP COR ADM DEVi TAIi PSA PSD IVAi IVDi CONi HIS OUR IND CNT"
Access-Control-Allow-Origin: *
Accept-CH: Device-Stock-UA,Sec-CH-UA-Full-Version-ListSec-CH-UA-MobileSec-CH-UA-Platform,Sec-CH-UA-Mobile,Sec-CH-UA-Platform,Sec-CH-UA-PlatformSec-CH-UA-ModelSec-CH-UA-Mobile,Sec-CH-UA-PlatformSec-CH-UA-Platform-Version,Sec-CH-UASec-CH-UA-MobileSec-CH-UA-Platform,User-Agent,X-Device-User-Agent,X-OperaMini-Phone-UA,X-UCBrowser-Device-UA
Expires: Thu, 01 Jan 1970 00:00:01 GMT
Cache-Control: no-cache
X-Request-ID: a7fc8eb941bfe171406da3e44814212a
Strict-Transport-Security: max-age=0; includeSubdomains
Content-Encoding: gzip
ocsp.digicert.com/
200 OK 278 B IP
Hash 18e63e03996c64ae5798541fbfd9fd15
9cf14a22e5eff72ca9f8f8f2d159622f47c592e3
488d4f9856a4a2315d9d63feaff435a480a35f1e3707f7c8f1e88941d9ebc938
POST / HTTP/1.1
Host: ocsp.digicert.com
User-Agent: Mozilla/5.0 (X11; Linux x86_64; rv:96.0) Gecko/20100101 Firefox/96.0
Accept: */*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate
Content-Type: application/ocsp-request
Content-Length: 83
Connection: keep-alive
Pragma: no-cache
Cache-Control: no-cache
HTTP/1.1 200 OK
Accept-Ranges: bytes
Age: 3846
Cache-Control: 'max-age=158059'
Content-Type: application/ocsp-response
Date: Tue, 27 Sep 2022 12:56:33 GMT
Last-Modified: Tue, 27 Sep 2022 11:52:27 GMT
Server: ECS (ska/F713)
X-Cache: HIT
Content-Length: 278
ocsp.sca1b.amazontrust.com/
200 OK 471 B URL HTTP/1.1 ocsp.sca1b.amazontrust.com/
IP
Hash ee09b6ab7cfd6fb00b3abacbba58e7bc
4903c09b843081d2e873e272515d2ac8751a0461
92828a32c13bba32c5986661a9570f69f67020c43f452302d7501f159905b731
POST / HTTP/1.1
Host: ocsp.sca1b.amazontrust.com
User-Agent: Mozilla/5.0 (X11; Linux x86_64; rv:96.0) Gecko/20100101 Firefox/96.0
Accept: */*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate
Content-Type: application/ocsp-request
Content-Length: 83
Connection: keep-alive
Pragma: no-cache
Cache-Control: no-cache
HTTP/1.1 200 OK
Content-Type: application/ocsp-response
Content-Length: 471
Connection: keep-alive
Accept-Ranges: bytes
Cache-Control: 'max-age=158059'
Date: Tue, 27 Sep 2022 12:56:33 GMT
Last-Modified: Tue, 27 Sep 2022 11:27:55 GMT
Server: ECS (nyb/1D33)
X-Cache: Miss from cloudfront
Via: 1.1 bcd5dadccb0831729969c938747ff79a.cloudfront.net (CloudFront)
X-Amz-Cf-Pop: OSL50-C1
X-Amz-Cf-Id: SrYb5yLQkZ-fHOoaPYq-f9zbe_Wax5KbFR0rBDD0AWQNx6zm8F7H_Q==
Age: 5318
simplewebanalysis.com/stats
200 OK 40 B URL HTTP/2 simplewebanalysis.com/stats
IP
File type ASCII text, with no line terminators
Hash 1b3ce8b8b6fe1092a0cd92952d6abf4b
f3570dcd5d8ae2ad7480ef26a999a0073235b17f
ab59a7e16c90d9b9464c1069c5f49f70b2831651e94600c721cf7f9a66c69f76
GET /stats HTTP/1.1
Host: simplewebanalysis.com
User-Agent: Mozilla/5.0 (X11; Linux x86_64; rv:96.0) Gecko/20100101 Firefox/96.0
Accept: */*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
Origin: https://sampsonfornor.blogspot.com
Connection: keep-alive
Referer: https://sampsonfornor.blogspot.com/
Sec-Fetch-Dest: empty
Sec-Fetch-Mode: cors
Sec-Fetch-Site: cross-site
HTTP/2 200 OK
date: Tue, 27 Sep 2022 12:56:33 GMT
content-type: text/html; charset=UTF-8
content-length: 40
server: fasthttp
access-control-allow-origin: https://sampsonfornor.blogspot.com
access-control-allow-credentials: true
set-cookie: uid_id2=caf5311b-bf49-4173-920a-f0c2c46bd0c7:3:1; expires=Fri, 24 Sep 2032 12:56:33 GMT; secure; SameSite=None
X-Firefox-Spdy: h2
annesuspense.com/22445398d1a51748dcdb9dcab239afd3/invoke.js
200 OK 9.8 kB URL HTTP/1.1 annesuspense.com/22445398d1a51748dcdb9dcab239afd3/invoke.js
IP
ASN #39572 DataWeb Global Group B.V.
File type exported SGML document, ASCII text, with very long lines (26951), with no line terminators
Hash cecfa6e30afd9f1db0b701ac9625526c
656d9039f859bc92266cff2938a0a17bf5090031
8197261968634b3edd55798d9030acc00b2e1f91456c5b08826c1861345901e5
Analyzer Verdict Alert quad9 Sinkholed
GET /22445398d1a51748dcdb9dcab239afd3/invoke.js HTTP/1.1
Host: annesuspense.com
User-Agent: Mozilla/5.0 (X11; Linux x86_64; rv:96.0) Gecko/20100101 Firefox/96.0
Accept: */*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
Connection: keep-alive
Referer: https://sampsonfornor.blogspot.com/
Sec-Fetch-Dest: script
Sec-Fetch-Mode: no-cors
Sec-Fetch-Site: cross-site
HTTP/1.1 200 OK
Server: nginx/1.17.6
Date: Tue, 27 Sep 2022 12:56:33 GMT
Content-Type: application/javascript
Transfer-Encoding: chunked
Connection: keep-alive
P3P: CP="IDC DSP COR ADM DEVi TAIi PSA PSD IVAi IVDi CONi HIS OUR IND CNT"
Access-Control-Allow-Origin: *
Accept-CH: Device-Stock-UA,Sec-CH-UA-Full-Version-ListSec-CH-UA-MobileSec-CH-UA-Platform,Sec-CH-UA-Mobile,Sec-CH-UA-Platform,Sec-CH-UA-PlatformSec-CH-UA-ModelSec-CH-UA-Mobile,Sec-CH-UA-PlatformSec-CH-UA-Platform-Version,Sec-CH-UASec-CH-UA-MobileSec-CH-UA-Platform,User-Agent,X-Device-User-Agent,X-OperaMini-Phone-UA,X-UCBrowser-Device-UA
Expires: Thu, 01 Jan 1970 00:00:01 GMT
Cache-Control: no-cache
X-Request-ID: 5fb01c0fd7c344505669eb1451d4459d
Strict-Transport-Security: max-age=0; includeSubdomains
Content-Encoding: gzip
ocsp.sca1b.amazontrust.com/
200 OK 471 B URL HTTP/1.1 ocsp.sca1b.amazontrust.com/
IP
Hash ee09b6ab7cfd6fb00b3abacbba58e7bc
4903c09b843081d2e873e272515d2ac8751a0461
92828a32c13bba32c5986661a9570f69f67020c43f452302d7501f159905b731
POST / HTTP/1.1
Host: ocsp.sca1b.amazontrust.com
User-Agent: Mozilla/5.0 (X11; Linux x86_64; rv:96.0) Gecko/20100101 Firefox/96.0
Accept: */*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate
Content-Type: application/ocsp-request
Content-Length: 83
Connection: keep-alive
Pragma: no-cache
Cache-Control: no-cache
HTTP/1.1 200 OK
Content-Type: application/ocsp-response
Content-Length: 471
Connection: keep-alive
Accept-Ranges: bytes
Cache-Control: max-age=88947
Date: Tue, 27 Sep 2022 12:56:33 GMT
Etag: "63319b85-1d7"
Expires: Wed, 28 Sep 2022 13:39:00 GMT
Last-Modified: Mon, 26 Sep 2022 12:31:01 GMT
Server: ECS (nyb/1D1E)
X-Cache: Miss from cloudfront
Via: 1.1 f66e3db0f0449307dba3fbf72bbf3bac.cloudfront.net (CloudFront)
X-Amz-Cf-Pop: OSL50-C1
X-Amz-Cf-Id: ThXE9RsDJInTnI14uO0rmoMSOJcvGMn637jsJQjBg_fz7xPUm9H7-Q==
Age: 4080
lh3.googleusercontent.com/blogger_img_proxy/ANbyha2GKazH3Rk9hlRFbWdoqk30t-mgW3NMOAOXZblxtkOtjuHOmw7fH4RxqAuEUGBviiemuoS-d7kMXN92PqvwHouUO4f0KusKKgCkIFaV3icZxRzhiLyX7xyI3tTFhViEGnr1xen33SjUen1RWZAydPlKLO2zB9HwMjiDGh2oZgpMO6r9CT-fVeZ8Sb41gR3xOr764P8_sDt4JbjFq5BFWQ=w72-h72-p-k-no-nu
200 OK 3.8 kB URL HTTP/2 lh3.googleusercontent.com/blogger_img_proxy/ANbyha2GKazH3Rk9hlRFbWdoqk30t-mgW3NMOAOXZblxtkOtjuHOmw7fH4RxqAuEUGBviiemuoS-d7kMXN92PqvwHouUO4f0KusKKgCkIFaV3icZxRzhiLyX7xyI3tTFhViEGnr1xen33SjUen1RWZAydPlKLO2zB9HwMjiDGh2oZgpMO6r9CT-fVeZ8Sb41gR3xOr764P8_sDt4JbjFq5BFWQ=w72-h72-p-k-no-nu
IP
File type JPEG image data, JFIF standard 1.01, aspect ratio, density 1x1, segment length 16, baseline, precision 8, 72x72, components 3\012- data
Hash d1049d7425d0f2cfc67f204df5460d2d
7ecbb4ab8851adba71174ccc05b014b0e2a124b4
be8f22b24d38b91d78a3a5e712569e27915ae097666cabc0432bcfd4b1c4ca73
GET /blogger_img_proxy/ANbyha2GKazH3Rk9hlRFbWdoqk30t-mgW3NMOAOXZblxtkOtjuHOmw7fH4RxqAuEUGBviiemuoS-d7kMXN92PqvwHouUO4f0KusKKgCkIFaV3icZxRzhiLyX7xyI3tTFhViEGnr1xen33SjUen1RWZAydPlKLO2zB9HwMjiDGh2oZgpMO6r9CT-fVeZ8Sb41gR3xOr764P8_sDt4JbjFq5BFWQ=w72-h72-p-k-no-nu HTTP/1.1
Host: lh3.googleusercontent.com
User-Agent: Mozilla/5.0 (X11; Linux x86_64; rv:96.0) Gecko/20100101 Firefox/96.0
Accept: image/avif,image/webp,*/*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
Connection: keep-alive
Referer: https://sampsonfornor.blogspot.com/
Sec-Fetch-Dest: image
Sec-Fetch-Mode: no-cors
Sec-Fetch-Site: cross-site
TE: trailers
HTTP/2 200 OK
access-control-expose-headers: Content-Length
expires: Wed, 28 Sep 2022 12:56:33 GMT
cache-control: public, max-age=86400, no-transform
content-disposition: inline;filename="unnamed.jpg"
content-type: image/jpeg
vary: Origin
access-control-allow-origin: *
timing-allow-origin: *
x-content-type-options: nosniff
date: Tue, 27 Sep 2022 12:56:33 GMT
server: fife
content-length: 3795
x-xss-protection: 0
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
X-Firefox-Spdy: h2
simplewebanalysis.com/stats
200 OK 40 B URL HTTP/2 simplewebanalysis.com/stats
IP
File type ASCII text, with no line terminators
Hash c683687add49627840a5f28d379cdf62
dbfa29c42bdcd8b0bd5782b9c5502284d7a95cb5
541d366c3e36a8af8961a2b4be3b816a4d238bc2d6a1f5f5af49a6fc2fc71cb3
GET /stats HTTP/1.1
Host: simplewebanalysis.com
User-Agent: Mozilla/5.0 (X11; Linux x86_64; rv:96.0) Gecko/20100101 Firefox/96.0
Accept: */*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
Origin: https://sampsonfornor.blogspot.com
Connection: keep-alive
Referer: https://sampsonfornor.blogspot.com/
Sec-Fetch-Dest: empty
Sec-Fetch-Mode: cors
Sec-Fetch-Site: cross-site
HTTP/2 200 OK
date: Tue, 27 Sep 2022 12:56:33 GMT
content-type: text/html; charset=UTF-8
content-length: 40
server: fasthttp
access-control-allow-origin: https://sampsonfornor.blogspot.com
access-control-allow-credentials: true
set-cookie: uid_id2=3b3fd329-3f72-419c-b7aa-78559d632125:1:1; expires=Fri, 24 Sep 2032 12:56:33 GMT; secure; SameSite=None
X-Firefox-Spdy: h2
simplewebanalysis.com/stats
200 OK 40 B URL HTTP/2 simplewebanalysis.com/stats
IP
File type ASCII text, with no line terminators
Hash 1b3ce8b8b6fe1092a0cd92952d6abf4b
f3570dcd5d8ae2ad7480ef26a999a0073235b17f
ab59a7e16c90d9b9464c1069c5f49f70b2831651e94600c721cf7f9a66c69f76
GET /stats HTTP/1.1
Host: simplewebanalysis.com
User-Agent: Mozilla/5.0 (X11; Linux x86_64; rv:96.0) Gecko/20100101 Firefox/96.0
Accept: */*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
Origin: https://sampsonfornor.blogspot.com
Connection: keep-alive
Referer: https://sampsonfornor.blogspot.com/
Cookie: uid_id2=caf5311b-bf49-4173-920a-f0c2c46bd0c7:3:1
Sec-Fetch-Dest: empty
Sec-Fetch-Mode: cors
Sec-Fetch-Site: cross-site
TE: trailers
HTTP/2 200 OK
date: Tue, 27 Sep 2022 12:56:33 GMT
content-type: text/html; charset=UTF-8
content-length: 40
server: fasthttp
access-control-allow-origin: https://sampsonfornor.blogspot.com
access-control-allow-credentials: true
X-Firefox-Spdy: h2
lh3.googleusercontent.com/blogger_img_proxy/ANbyha3B6aIYUUkHLcuilHFYOAnaMMXNpJuFjwQpg7gpwvxb3jfCvNisxux7nO-ZwnkIthtVpo10SdYNcXu7js5l-oYQk0441y9Hv2AD_KfKEVQ6Ce4ZRZTuBVplkMUlwojqgFdxl6lF=s0-d
200 OK 55 kB URL HTTP/2 lh3.googleusercontent.com/blogger_img_proxy/ANbyha3B6aIYUUkHLcuilHFYOAnaMMXNpJuFjwQpg7gpwvxb3jfCvNisxux7nO-ZwnkIthtVpo10SdYNcXu7js5l-oYQk0441y9Hv2AD_KfKEVQ6Ce4ZRZTuBVplkMUlwojqgFdxl6lF=s0-d
IP
File type JPEG image data, JFIF standard 1.01, aspect ratio, density 1x1, segment length 16, baseline, precision 8, 648x433, components 3\012- data
Hash 08966e1387f85ddf6e357d29e4bb42c0
8099a41a2e199e88723f600845c2842e5d4da408
5f3585abab576efca71059e5d4b12af65b0805643a05fefbff894c3cb4722be3
GET /blogger_img_proxy/ANbyha3B6aIYUUkHLcuilHFYOAnaMMXNpJuFjwQpg7gpwvxb3jfCvNisxux7nO-ZwnkIthtVpo10SdYNcXu7js5l-oYQk0441y9Hv2AD_KfKEVQ6Ce4ZRZTuBVplkMUlwojqgFdxl6lF=s0-d HTTP/1.1
Host: lh3.googleusercontent.com
User-Agent: Mozilla/5.0 (X11; Linux x86_64; rv:96.0) Gecko/20100101 Firefox/96.0
Accept: image/avif,image/webp,*/*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
Connection: keep-alive
Referer: https://sampsonfornor.blogspot.com/
Sec-Fetch-Dest: image
Sec-Fetch-Mode: no-cors
Sec-Fetch-Site: cross-site
HTTP/2 200 OK
access-control-expose-headers: Content-Length
expires: Wed, 28 Sep 2022 12:56:33 GMT
cache-control: public, max-age=86400, no-transform
content-disposition: attachment;filename="unnamed.jpg"
content-type: image/jpeg
vary: Origin
access-control-allow-origin: *
timing-allow-origin: *
x-content-type-options: nosniff
date: Tue, 27 Sep 2022 12:56:33 GMT
server: fife
content-length: 54850
x-xss-protection: 0
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
X-Firefox-Spdy: h2
ocsp.digicert.com/
200 OK 278 B IP
Hash 18e63e03996c64ae5798541fbfd9fd15
9cf14a22e5eff72ca9f8f8f2d159622f47c592e3
488d4f9856a4a2315d9d63feaff435a480a35f1e3707f7c8f1e88941d9ebc938
POST / HTTP/1.1
Host: ocsp.digicert.com
User-Agent: Mozilla/5.0 (X11; Linux x86_64; rv:96.0) Gecko/20100101 Firefox/96.0
Accept: */*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate
Content-Type: application/ocsp-request
Content-Length: 83
Connection: keep-alive
Pragma: no-cache
Cache-Control: no-cache
HTTP/1.1 200 OK
Accept-Ranges: bytes
Age: 2737
Cache-Control: 'max-age=158059'
Content-Type: application/ocsp-response
Date: Tue, 27 Sep 2022 12:56:33 GMT
Last-Modified: Tue, 27 Sep 2022 12:10:56 GMT
Server: ECS (ska/F711)
X-Cache: HIT
Content-Length: 278
lh3.googleusercontent.com/blogger_img_proxy/ANbyha1wXdko-5lM4Yu5A5gSKKdzadzmND6T2u6VreEsiTPV1X9uPIPi__JuWBdTWvdYIZWFpZLVxVDQaP9LtxzwB4DPmPQSjxuc_Nj48oGT3PamqxfzSO_GSwsMtlzCXbeZolBCXd6-=s0-d
404 Not Found 1.7 kB URL HTTP/2 lh3.googleusercontent.com/blogger_img_proxy/ANbyha1wXdko-5lM4Yu5A5gSKKdzadzmND6T2u6VreEsiTPV1X9uPIPi__JuWBdTWvdYIZWFpZLVxVDQaP9LtxzwB4DPmPQSjxuc_Nj48oGT3PamqxfzSO_GSwsMtlzCXbeZolBCXd6-=s0-d
IP
File type HTML document text\012- HTML document text\012- HTML document text\012- HTML document text\012- HTML document text\012- exported SGML document, Unicode text, UTF-8 text, with very long lines (1136)
Hash bd1cbfd4455832d11354017c0559479f
92ae093429a790ff6ad169980b1936d3a3f5e87f
a0191e4e8d429a6345f78ccd28e2474434d38620cc1b68b707f0272b831ba88c
GET /blogger_img_proxy/ANbyha1wXdko-5lM4Yu5A5gSKKdzadzmND6T2u6VreEsiTPV1X9uPIPi__JuWBdTWvdYIZWFpZLVxVDQaP9LtxzwB4DPmPQSjxuc_Nj48oGT3PamqxfzSO_GSwsMtlzCXbeZolBCXd6-=s0-d HTTP/1.1
Host: lh3.googleusercontent.com
User-Agent: Mozilla/5.0 (X11; Linux x86_64; rv:96.0) Gecko/20100101 Firefox/96.0
Accept: image/avif,image/webp,*/*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
Connection: keep-alive
Referer: https://sampsonfornor.blogspot.com/
Sec-Fetch-Dest: image
Sec-Fetch-Mode: no-cors
Sec-Fetch-Site: cross-site
HTTP/2 404 Not Found
vary: Origin
access-control-allow-origin: *
timing-allow-origin: *
content-type: text/html; charset=UTF-8
x-content-type-options: nosniff
date: Tue, 27 Sep 2022 12:56:33 GMT
server: fife
content-length: 1724
x-xss-protection: 0
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
X-Firefox-Spdy: h2
r3.o.lencr.org/
200 OK 503 B IP
ASN #20940 Akamai International B.V.
Hash 31a6f3bd424fd8c1592cd32eb1ae67e7
5d49fd7e9612a11052064f7467b1ce713679d2e8
5cbeccad7aac1a2e7e6dcfcc71098ccb072a51642904e375c8ebb39746277fb4
POST / HTTP/1.1
Host: r3.o.lencr.org
User-Agent: Mozilla/5.0 (X11; Linux x86_64; rv:96.0) Gecko/20100101 Firefox/96.0
Accept: */*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate
Content-Type: application/ocsp-request
Content-Length: 85
Connection: keep-alive
Pragma: no-cache
Cache-Control: no-cache
HTTP/1.1 200 OK
Server: nginx
Content-Type: application/ocsp-response
Content-Length: 503
ETag: "5CBECCAD7AAC1A2E7E6DCFCC71098CCB072A51642904E375C8EBB39746277FB4"
Last-Modified: Mon, 26 Sep 2022 20:00:00 UTC
Cache-Control: public, no-transform, must-revalidate, max-age=1722
Expires: Tue, 27 Sep 2022 13:25:15 GMT
Date: Tue, 27 Sep 2022 12:56:33 GMT
Connection: keep-alive
r3.o.lencr.org/
200 OK 503 B IP
ASN #20940 Akamai International B.V.
Hash 8adb8bd4d6d35c78158173ec9879a9b1
7661559b991aac6d25ede7276ac438519c75b0d2
750965730237745cbef0cadb7078cc11cd5a32b2ba93b40b4ac62769f583387f
POST / HTTP/1.1
Host: r3.o.lencr.org
User-Agent: Mozilla/5.0 (X11; Linux x86_64; rv:96.0) Gecko/20100101 Firefox/96.0
Accept: */*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate
Content-Type: application/ocsp-request
Content-Length: 85
Connection: keep-alive
Pragma: no-cache
Cache-Control: no-cache
HTTP/1.1 200 OK
Server: nginx
Content-Type: application/ocsp-response
Content-Length: 503
ETag: "750965730237745CBEF0CADB7078CC11CD5A32B2BA93B40B4AC62769F583387F"
Last-Modified: Mon, 26 Sep 2022 15:00:00 UTC
Cache-Control: public, no-transform, must-revalidate, max-age=3541
Expires: Tue, 27 Sep 2022 13:55:34 GMT
Date: Tue, 27 Sep 2022 12:56:33 GMT
Connection: keep-alive
burlydeclined.com/ntv.json?key=87b30457de7ee06c41c2443ab2e5e148&vstc=4
200 OK 17 kB URL HTTP/1.1 burlydeclined.com/ntv.json?key=87b30457de7ee06c41c2443ab2e5e148&vstc=4
IP
ASN #39572 DataWeb Global Group B.V.
File type JSON data\012- , ASCII text, with very long lines (16757), with no line terminators
Hash ada3ae767ee2b42dce650ef1914d1757
1768fb4d9df216842d941c2a28fa85b5a114a9ed
780b4ee24be045e21d7e86e062752f0dbcabb33c5cd0fbe73a69e6af1ad632c9
Analyzer Verdict Alert quad9 Sinkholed
GET /ntv.json?key=87b30457de7ee06c41c2443ab2e5e148&vstc=4 HTTP/1.1
Host: burlydeclined.com
User-Agent: Mozilla/5.0 (X11; Linux x86_64; rv:96.0) Gecko/20100101 Firefox/96.0
Accept: */*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
Origin: https://sampsonfornor.blogspot.com
Connection: keep-alive
Referer: https://sampsonfornor.blogspot.com/
Sec-Fetch-Dest: empty
Sec-Fetch-Mode: cors
Sec-Fetch-Site: cross-site
HTTP/1.1 200 OK
Server: nginx/1.17.6
Date: Tue, 27 Sep 2022 12:56:33 GMT
Content-Type: application/json
Content-Length: 16757
Connection: keep-alive
P3P: CP="IDC DSP COR ADM DEVi TAIi PSA PSD IVAi IVDi CONi HIS OUR IND CNT"
Accept-CH: Device-Stock-UA,Sec-CH-UA-Full-Version-ListSec-CH-UA-MobileSec-CH-UA-Platform,Sec-CH-UA-Mobile,Sec-CH-UA-Platform,Sec-CH-UA-PlatformSec-CH-UA-ModelSec-CH-UA-Mobile,Sec-CH-UA-PlatformSec-CH-UA-Platform-Version,Sec-CH-UASec-CH-UA-MobileSec-CH-UA-Platform,User-Agent,X-Device-User-Agent,X-OperaMini-Phone-UA,X-UCBrowser-Device-UA
Custom-Referer: https://sampsonfornor.blogspot.com
Access-Control-Allow-Origin: https://sampsonfornor.blogspot.com
Access-Control-Allow-Credentials: true
Set-Cookie: u_pl=16721230; expires=Wed, 28 Sep 2022 12:56:33 GMT; secure; SameSite=None
pdhtkv=true; expires=Wed, 28 Sep 2022 12:56:33 GMT; secure; SameSite=None
uncs=1; expires=Wed, 28 Sep 2022 12:56:33 GMT; secure; SameSite=None
pdhtkv49=true; expires=Wed, 28 Sep 2022 12:56:33 GMT; secure; SameSite=None
uncs49=1; expires=Wed, 28 Sep 2022 12:56:33 GMT; secure; SameSite=None
nlec87b30457de7ee06c41c2443ab2e5e148=[2229215,2229213,2106764,2229214]; expires=Tue, 27 Sep 2022 12:56:38 GMT; secure; SameSite=None
Expires: Thu, 01 Jan 1970 00:00:01 GMT
Cache-Control: no-cache
X-Request-ID: 18261327d23780df878d06ad5596182d
Strict-Transport-Security: max-age=0; includeSubdomains
r3.o.lencr.org/
200 OK 503 B IP
ASN #20940 Akamai International B.V.
Hash 904a8d4d380c2afb0f06401ce4c8491e
6c09e83415a209d302caba25187cae51fb998e9e
10724ff231265f6c0da44eb9ade0a936362252cad64cbcebb1d4414f4985730a
POST / HTTP/1.1
Host: r3.o.lencr.org
User-Agent: Mozilla/5.0 (X11; Linux x86_64; rv:96.0) Gecko/20100101 Firefox/96.0
Accept: */*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate
Content-Type: application/ocsp-request
Content-Length: 85
Connection: keep-alive
Pragma: no-cache
Cache-Control: no-cache
HTTP/1.1 200 OK
Server: nginx
Content-Type: application/ocsp-response
Content-Length: 503
ETag: "10724FF231265F6C0DA44EB9ADE0A936362252CAD64CBCEBB1D4414F4985730A"
Last-Modified: Mon, 26 Sep 2022 20:00:00 UTC
Cache-Control: public, no-transform, must-revalidate, max-age=9375
Expires: Tue, 27 Sep 2022 15:32:48 GMT
Date: Tue, 27 Sep 2022 12:56:33 GMT
Connection: keep-alive
s10.histats.com/js15_as.js
200 OK 4.4 kB URL HTTP/2 s10.histats.com/js15_as.js
IP
File type HTML document, ASCII text, with very long lines (11440), with no line terminators
Hash ed192092c129db6123a3397855f42619
067e9b8e26cf6246eb84c6b9cf3da0c192ce7b3e
998fff486a7fb38b6ed445edc36c9b317b70950cd39efcf4012ca641312fcee1
GET /js15_as.js HTTP/1.1
Host: s10.histats.com
User-Agent: Mozilla/5.0 (X11; Linux x86_64; rv:96.0) Gecko/20100101 Firefox/96.0
Accept: */*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
Connection: keep-alive
Referer: https://sampsonfornor.blogspot.com/
Sec-Fetch-Dest: script
Sec-Fetch-Mode: no-cors
Sec-Fetch-Site: cross-site
HTTP/2 200 OK
date: Tue, 27 Sep 2022 12:51:07 GMT
etag: "-375139978"
last-modified: Thu, 16 Apr 2020 10:44:16 GMT
x-request-id: 385419576
content-type: application/javascript; charset=UTF-8
content-encoding: br
x-cdn-pop: sbg
x-cdn-pop-ip: 137.74.120.0/27
x-cacheable: Matched cache
accept-ranges: bytes
content-length: 4364
X-Firefox-Spdy: h2
grumblecrytopless.com/watch.1391883587443.js?key=22445398d1a51748dcdb9dcab239afd3&kw=%5B%22what%22%2C%22is%22%2C%22controlled%22%2C%22by%22%2C%22the%22%2C%22side%22%2C%22dial%22%2C%22on%22%2C%22a%22%2C%22telescopic%22%2C%22sight%22%2C%22-%22%2C%22sampson%22%2C%22fornor%22%5D&refer=https%3A%2F%2Fsampsonfornor.blogspot.com%2F2022%2F05%2Fwhat-is-controlled-by-side-dial-on.html&tz=0&dev=r&res=12.31&uuid=caf5311b-bf49-4173-920a-f0c2c46bd0c7%3A3%3A1
307 Temporary Redirect 0 B URL HTTP/1.1 grumblecrytopless.com/watch.1391883587443.js?key=22445398d1a51748dcdb9dcab239afd3&kw=%5B%22what%22%2C%22is%22%2C%22controlled%22%2C%22by%22%2C%22the%22%2C%22side%22%2C%22dial%22%2C%22on%22%2C%22a%22%2C%22telescopic%22%2C%22sight%22%2C%22-%22%2C%22sampson%22%2C%22fornor%22%5D&refer=https%3A%2F%2Fsampsonfornor.blogspot.com%2F2022%2F05%2Fwhat-is-controlled-by-side-dial-on.html&tz=0&dev=r&res=12.31&uuid=caf5311b-bf49-4173-920a-f0c2c46bd0c7%3A3%3A1
IP
Hash d41d8cd98f00b204e9800998ecf8427e
da39a3ee5e6b4b0d3255bfef95601890afd80709
e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855
Analyzer Verdict Alert quad9 Sinkholed
GET /watch.1391883587443.js?key=22445398d1a51748dcdb9dcab239afd3&kw=%5B%22what%22%2C%22is%22%2C%22controlled%22%2C%22by%22%2C%22the%22%2C%22side%22%2C%22dial%22%2C%22on%22%2C%22a%22%2C%22telescopic%22%2C%22sight%22%2C%22-%22%2C%22sampson%22%2C%22fornor%22%5D&refer=https%3A%2F%2Fsampsonfornor.blogspot.com%2F2022%2F05%2Fwhat-is-controlled-by-side-dial-on.html&tz=0&dev=r&res=12.31&uuid=caf5311b-bf49-4173-920a-f0c2c46bd0c7%3A3%3A1 HTTP/1.1
Host: grumblecrytopless.com
User-Agent: Mozilla/5.0 (X11; Linux x86_64; rv:96.0) Gecko/20100101 Firefox/96.0
Accept: */*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
Origin: https://sampsonfornor.blogspot.com
Connection: keep-alive
Referer: https://sampsonfornor.blogspot.com/
Sec-Fetch-Dest: empty
Sec-Fetch-Mode: cors
Sec-Fetch-Site: cross-site
HTTP/1.1 307 Temporary Redirect
Server: nginx/1.19.5
Date: Tue, 27 Sep 2022 12:56:33 GMT
Content-Type: text/html
Content-Length: 0
Connection: keep-alive
P3P: CP="IDC DSP COR ADM DEVi TAIi PSA PSD IVAi IVDi CONi HIS OUR IND CNT"
Accept-CH: Device-Stock-UA,Sec-CH-UA-Full-Version-ListSec-CH-UA-MobileSec-CH-UA-Platform,Sec-CH-UA-Mobile,Sec-CH-UA-Platform,Sec-CH-UA-PlatformSec-CH-UA-ModelSec-CH-UA-Mobile,Sec-CH-UA-PlatformSec-CH-UA-Platform-Version,Sec-CH-UASec-CH-UA-MobileSec-CH-UA-Platform,User-Agent,X-Device-User-Agent,X-OperaMini-Phone-UA,X-UCBrowser-Device-UA
Custom-Referer: https://sampsonfornor.blogspot.com
Access-Control-Allow-Origin: https://sampsonfornor.blogspot.com
Access-Control-Allow-Credentials: true
Location: https://grumblecrytopless.com/watch.1391883587443.js?key=22445398d1a51748dcdb9dcab239afd3&kw=%5B%22what%22%2C%22is%22%2C%22controlled%22%2C%22by%22%2C%22the%22%2C%22side%22%2C%22dial%22%2C%22on%22%2C%22a%22%2C%22telescopic%22%2C%22sight%22%2C%22-%22%2C%22sampson%22%2C%22fornor%22%5D&refer=https%3A%2F%2Fsampsonfornor.blogspot.com%2F2022%2F05%2Fwhat-is-controlled-by-side-dial-on.html&tz=0&dev=r&res=12.31&uuid=caf5311b-bf49-4173-920a-f0c2c46bd0c7%3A3%3A1&shu=a636298d5137d963fc88892329c602cacfe097de66c6816c67dea4799bf60c852f3fc0f16a4cab367d4785e002710597ea5a82ab177911fa995b39fb580c71032a4fcf429cb74483d0d73bac8175fd52c448b685f3de258c74ce8dff7e1b37&pst=1664283453&rmtc=t
Set-Cookie: u_pl=16073926; expires=Wed, 28 Sep 2022 12:56:33 GMT; secure; SameSite=None
ain=eyJhbGciOiJIUzI1NiJ9.eyJwIjp7ImlkIjoxNjA3MzkyNiwiayI6IjIyNDQ1Mzk4ZDFhNTE3NDhkY2RiOWRjYWIyMzlhZmQzIiwic2lkIjoiIiwiaXNpZCI6MiwiYXNpZCI6MSwiemlkIjoxNDkxMjI3LCJwaWQiOjI4MjYxNywiYW4iOnRydWUsImxhbiI6dHJ1ZSwiY2lkIjoyOCwiYWlkIjo1LCJwdCI6NCwicGsiOiJqZWpkYjQ5Nml5IiwidCI6MX0sInUiOnsidSI6MSwiYXUiOjEsImQiOnsiaWQiOjc5OTU0MTk2LCJpZHMiOiIiLCJpYyI6ZmFsc2UsIm4iOiJEZXNrdG9wLEVtdWxhdG9yIiwidiI6IlVua25vd24iLCJtIjoiVW5rbm93biIsImYiOjEsImZuIjoiRGVza3RvcCIsIm9pZCI6MTgxMTAsIm9uIjoiTGludXgiLCJvdiI6IlVua25vd24iLCJiaWQiOjExNjY3MCwiYm4iOiJGaXJlZm94IiwiYnYiOiI5Ni4wIiwid3YiOmZhbHNlLCJlIjpmYWxzZSwiYWIiOmZhbHNlfSwiYyI6eyJpZCI6MTYyLCJjIjoiTk8iLCJuIjoiTm9yd2F5In0sImEiOmZhbHNlLCJjciI6eyJuIjoiQmxpeCBTb2x1dGlvbnMifSwieGYiOiIiLCJpeGYiOmZhbHNlLCJpZ3hmIjpmYWxzZSwidXAiOnRydWUsInIiOiJodHRwczovL3NhbXBzb25mb3Jub3IuYmxvZ3Nwb3QuY29tLzIwMjIvMDUvd2hhdC1pcy1jb250cm9sbGVkLWJ5LXNpZGUtZGlhbC1vbi5odG1sIn19.H7NphFV-aMQa4S2gfUpTR-VYO9EcGZZ2_EO8Ypt7isE; expires=Tue, 27 Sep 2022 12:57:33 GMT; secure; SameSite=None
Expires: Thu, 01 Jan 1970 00:00:01 GMT
Cache-Control: no-cache
X-Request-ID: 7e9a9f2ea2491c2c88d04a36b56bc1c8
Strict-Transport-Security: max-age=0; includeSubdomains
r3.o.lencr.org/
200 OK 503 B IP
ASN #20940 Akamai International B.V.
Hash a9077c0af71e994499eb2eef44e3d59e
24edbb18d684e840bf76b8862138d70c7f4fec70
9df839ab826b15464f753175dc7105a9f25d5f067e7cf9c0f22720d5d30e300a
POST / HTTP/1.1
Host: r3.o.lencr.org
User-Agent: Mozilla/5.0 (X11; Linux x86_64; rv:96.0) Gecko/20100101 Firefox/96.0
Accept: */*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate
Content-Type: application/ocsp-request
Content-Length: 85
Connection: keep-alive
Pragma: no-cache
Cache-Control: no-cache
HTTP/1.1 200 OK
Server: nginx
Content-Type: application/ocsp-response
Content-Length: 503
ETag: "9DF839AB826B15464F753175DC7105A9F25D5F067E7CF9C0F22720D5D30E300A"
Last-Modified: Tue, 27 Sep 2022 03:00:00 UTC
Cache-Control: public, no-transform, must-revalidate, max-age=5553
Expires: Tue, 27 Sep 2022 14:29:07 GMT
Date: Tue, 27 Sep 2022 12:56:34 GMT
Connection: keep-alive
r3.o.lencr.org/
200 OK 503 B IP
ASN #20940 Akamai International B.V.
Hash eed381093f60d265bf0cc2970650014c
634000599092742388caef6f1a2c6d5378e6c1bb
2501f62b10b278c0e95705040a281c9dd8df9ee336c30995c85f5329fd8be7c0
POST / HTTP/1.1
Host: r3.o.lencr.org
User-Agent: Mozilla/5.0 (X11; Linux x86_64; rv:96.0) Gecko/20100101 Firefox/96.0
Accept: */*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate
Content-Type: application/ocsp-request
Content-Length: 85
Connection: keep-alive
Pragma: no-cache
Cache-Control: no-cache
HTTP/1.1 200 OK
Server: nginx
Content-Type: application/ocsp-response
Content-Length: 503
ETag: "2501F62B10B278C0E95705040A281C9DD8DF9EE336C30995C85F5329FD8BE7C0"
Last-Modified: Mon, 26 Sep 2022 20:00:00 UTC
Cache-Control: public, no-transform, must-revalidate, max-age=4392
Expires: Tue, 27 Sep 2022 14:09:46 GMT
Date: Tue, 27 Sep 2022 12:56:34 GMT
Connection: keep-alive
grumblecrytopless.com/watch.1391883587443.js?key=22445398d1a51748dcdb9dcab239afd3&kw=%5B%22what%22%2C%22is%22%2C%22controlled%22%2C%22by%22%2C%22the%22%2C%22side%22%2C%22dial%22%2C%22on%22%2C%22a%22%2C%22telescopic%22%2C%22sight%22%2C%22-%22%2C%22sampson%22%2C%22fornor%22%5D&refer=https%3A%2F%2Fsampsonfornor.blogspot.com%2F2022%2F05%2Fwhat-is-controlled-by-side-dial-on.html&tz=0&dev=r&res=12.31&uuid=caf5311b-bf49-4173-920a-f0c2c46bd0c7%3A3%3A1&shu=a636298d5137d963fc88892329c602cacfe097de66c6816c67dea4799bf60c852f3fc0f16a4cab367d4785e002710597ea5a82ab177911fa995b39fb580c71032a4fcf429cb74483d0d73bac8175fd52c448b685f3de258c74ce8dff7e1b37&pst=1664283453&rmtc=t
200 OK 2.1 kB URL HTTP/1.1 grumblecrytopless.com/watch.1391883587443.js?key=22445398d1a51748dcdb9dcab239afd3&kw=%5B%22what%22%2C%22is%22%2C%22controlled%22%2C%22by%22%2C%22the%22%2C%22side%22%2C%22dial%22%2C%22on%22%2C%22a%22%2C%22telescopic%22%2C%22sight%22%2C%22-%22%2C%22sampson%22%2C%22fornor%22%5D&refer=https%3A%2F%2Fsampsonfornor.blogspot.com%2F2022%2F05%2Fwhat-is-controlled-by-side-dial-on.html&tz=0&dev=r&res=12.31&uuid=caf5311b-bf49-4173-920a-f0c2c46bd0c7%3A3%3A1&shu=a636298d5137d963fc88892329c602cacfe097de66c6816c67dea4799bf60c852f3fc0f16a4cab367d4785e002710597ea5a82ab177911fa995b39fb580c71032a4fcf429cb74483d0d73bac8175fd52c448b685f3de258c74ce8dff7e1b37&pst=1664283453&rmtc=t
IP
File type HTML document text\012- HTML document, ASCII text, with very long lines (2639)
Hash 03758973066e9a694243aff5a5d59d04
d764aab8602ddead5047e6014c9c86b57f93a5dc
85b7c7c17157c72ea10a90502794cd594041a64e05362437fc30eb16841786fe
Analyzer Verdict Alert quad9 Sinkholed
GET /watch.1391883587443.js?key=22445398d1a51748dcdb9dcab239afd3&kw=%5B%22what%22%2C%22is%22%2C%22controlled%22%2C%22by%22%2C%22the%22%2C%22side%22%2C%22dial%22%2C%22on%22%2C%22a%22%2C%22telescopic%22%2C%22sight%22%2C%22-%22%2C%22sampson%22%2C%22fornor%22%5D&refer=https%3A%2F%2Fsampsonfornor.blogspot.com%2F2022%2F05%2Fwhat-is-controlled-by-side-dial-on.html&tz=0&dev=r&res=12.31&uuid=caf5311b-bf49-4173-920a-f0c2c46bd0c7%3A3%3A1&shu=a636298d5137d963fc88892329c602cacfe097de66c6816c67dea4799bf60c852f3fc0f16a4cab367d4785e002710597ea5a82ab177911fa995b39fb580c71032a4fcf429cb74483d0d73bac8175fd52c448b685f3de258c74ce8dff7e1b37&pst=1664283453&rmtc=t HTTP/1.1
Host: grumblecrytopless.com
User-Agent: Mozilla/5.0 (X11; Linux x86_64; rv:96.0) Gecko/20100101 Firefox/96.0
Accept: */*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
Origin: https://sampsonfornor.blogspot.com
Referer: https://sampsonfornor.blogspot.com/
Connection: keep-alive
Cookie: u_pl=16073926; ain=eyJhbGciOiJIUzI1NiJ9.eyJwIjp7ImlkIjoxNjA3MzkyNiwiayI6IjIyNDQ1Mzk4ZDFhNTE3NDhkY2RiOWRjYWIyMzlhZmQzIiwic2lkIjoiIiwiaXNpZCI6MiwiYXNpZCI6MSwiemlkIjoxNDkxMjI3LCJwaWQiOjI4MjYxNywiYW4iOnRydWUsImxhbiI6dHJ1ZSwiY2lkIjoyOCwiYWlkIjo1LCJwdCI6NCwicGsiOiJqZWpkYjQ5Nml5IiwidCI6MX0sInUiOnsidSI6MSwiYXUiOjEsImQiOnsiaWQiOjc5OTU0MTk2LCJpZHMiOiIiLCJpYyI6ZmFsc2UsIm4iOiJEZXNrdG9wLEVtdWxhdG9yIiwidiI6IlVua25vd24iLCJtIjoiVW5rbm93biIsImYiOjEsImZuIjoiRGVza3RvcCIsIm9pZCI6MTgxMTAsIm9uIjoiTGludXgiLCJvdiI6IlVua25vd24iLCJiaWQiOjExNjY3MCwiYm4iOiJGaXJlZm94IiwiYnYiOiI5Ni4wIiwid3YiOmZhbHNlLCJlIjpmYWxzZSwiYWIiOmZhbHNlfSwiYyI6eyJpZCI6MTYyLCJjIjoiTk8iLCJuIjoiTm9yd2F5In0sImEiOmZhbHNlLCJjciI6eyJuIjoiQmxpeCBTb2x1dGlvbnMifSwieGYiOiIiLCJpeGYiOmZhbHNlLCJpZ3hmIjpmYWxzZSwidXAiOnRydWUsInIiOiJodHRwczovL3NhbXBzb25mb3Jub3IuYmxvZ3Nwb3QuY29tLzIwMjIvMDUvd2hhdC1pcy1jb250cm9sbGVkLWJ5LXNpZGUtZGlhbC1vbi5odG1sIn19.H7NphFV-aMQa4S2gfUpTR-VYO9EcGZZ2_EO8Ypt7isE
Sec-Fetch-Dest: empty
Sec-Fetch-Mode: cors
Sec-Fetch-Site: cross-site
HTTP/1.1 200 OK
Server: nginx/1.19.5
Date: Tue, 27 Sep 2022 12:56:34 GMT
Content-Type: text/html
Transfer-Encoding: chunked
Connection: keep-alive
P3P: CP="IDC DSP COR ADM DEVi TAIi PSA PSD IVAi IVDi CONi HIS OUR IND CNT"
Accept-CH: Device-Stock-UA,Sec-CH-UA-Full-Version-ListSec-CH-UA-MobileSec-CH-UA-Platform,Sec-CH-UA-Mobile,Sec-CH-UA-Platform,Sec-CH-UA-PlatformSec-CH-UA-ModelSec-CH-UA-Mobile,Sec-CH-UA-PlatformSec-CH-UA-Platform-Version,Sec-CH-UASec-CH-UA-MobileSec-CH-UA-Platform,User-Agent,X-Device-User-Agent,X-OperaMini-Phone-UA,X-UCBrowser-Device-UA
Custom-Referer: https://sampsonfornor.blogspot.com
Access-Control-Allow-Origin: https://sampsonfornor.blogspot.com
Access-Control-Allow-Credentials: true
Set-Cookie: uid_id2=caf5311b-bf49-4173-920a-f0c2c46bd0c7:3:1; expires=Tue, 04 Oct 2022 12:56:34 GMT; secure; SameSite=None
iprcb516a778c11d6e16dc9a8b5bf1e6e48c=3569806; expires=Tue, 27 Sep 2022 16:56:34 GMT; secure; SameSite=None
pdhtkv=true; expires=Wed, 28 Sep 2022 12:56:34 GMT; secure; SameSite=None
uncs=1; expires=Wed, 28 Sep 2022 12:56:34 GMT; secure; SameSite=None
pdhtkv5=true; expires=Wed, 28 Sep 2022 12:56:34 GMT; secure; SameSite=None
uncs5=1; expires=Wed, 28 Sep 2022 12:56:34 GMT; secure; SameSite=None
Expires: Thu, 01 Jan 1970 00:00:01 GMT
Cache-Control: no-cache
X-Request-ID: baafcea253138e85d61fee82e9b28582
Strict-Transport-Security: max-age=0; includeSubdomains
Content-Encoding: gzip
burlydeclined.com/ren.gif?sid=H4sIAAAAAAAC%2F1SSwWskRRTGqzdzEL2oLILoYRRWFGTS3TOZmbiHxXWNBGOy7ip6k%2BqqmkmZ6q6mqrp7klN0QffgYQ5e9NT5JtngGkT%2FAINOFkSCQuaWw8az54VFT0qPwdEH3e979b3D772qT3ayM%2BIjo6fX3tJbUik6v9Dw6y%2B%2BHwSX6ysyyQb1Qbf9Qbt1uW7yVxbbDf%2Bl%2BhuCbej50A98P%2FCD%2BpI0oqcH85UJmR4sBo1Fv9EKG8FCCwPz%2F9pmHiz1wPMz8iQkn9TueRch2RhJ%2FO01YTecTl9%2BPc4Uddog5%2FvvJhuJLhLEM9kzHnrJ%2Fnk3tD1ZOoRO9qa40Pm%2FjZGcEO%2BnQ0TJ%2Fjkkonx3yhkpiAQRfwxFPoZQY0g6BtO3IPkJARjH6hqS%2BM6qNgXd%2FMellTshtYcPIIsJqd2%2FiCT%2B5qqSg%2FpNrTIndWIx6JWQgzFkf4w0O4LbugBZHIG5jyH5r2T%2B4QqSeHfNKg3Jy%2BnsUo4he2MoMQS1HrLqkx6ynocs9RDz0zoLgqDjc0b97iJjTd4RUZv7Ae30Ahr47S4yVuEN4dIhmBqCmW2kZhsbcgiT%2FQC7XsJyD9ZNiPf2NnJeohAEhSUoKEEhCQpHUOTlHlc2tOUdrmwWBec5PM%2FNcqRdf4fuadcXCdlJz8gT0738dWkVG%2BK03u1ETb%2B10OGiI4TfZq2Aha1Wk0ahWBBBqwsrS0h7YTrqlpyQp358BqmckNran4joEaw6ApNzoFkAWow6oQ%2B6Pmp1fWwlp8%2Bt68Lpwkgn3Lo0brMnc9GIlO7bVLsG0zG4LpG6Gtymt6POyNNTuufnfoNgx1fuPnvwSPDC72CmRGpKfCjvEfTV7dENXZDdG7qw5Lu11MlYbtHqRm866sTc3TfFZqENX75mh1%2B9yiqjkgfvCOtWaMJl0rfk66uSc2GWtGGCfL9s3xPR9cyuX81MkqUr119bWo5TI6yVOhmDypO1P8CqsT86nD7Vx3%2F5FNKMYbIScXZMzgNSH4Gl27DpjN7qORg164lSD0VWjkwYzQ6VJFBiVtOohP1PHc30jr2NvglB3S0kcYnclMhVCaqGsNmjI5ea4ys%2Ff1HFl4hUbRQpU9uNlFGfT1db%2Fe5PSP3SZ5U6g5Wn9U6z6dP24kLQ6VDRiVpht9cOOKVhqx2227QJZycsfOD9DQAA%2F%2F8BAAD%2F%2FyoecKqEBAAA
200 OK 7 B URL HTTP/1.1 burlydeclined.com/ren.gif?sid=H4sIAAAAAAAC%2F1SSwWskRRTGqzdzEL2oLILoYRRWFGTS3TOZmbiHxXWNBGOy7ip6k%2BqqmkmZ6q6mqrp7klN0QffgYQ5e9NT5JtngGkT%2FAINOFkSCQuaWw8az54VFT0qPwdEH3e979b3D772qT3ayM%2BIjo6fX3tJbUik6v9Dw6y%2B%2BHwSX6ysyyQb1Qbf9Qbt1uW7yVxbbDf%2Bl%2BhuCbej50A98P%2FCD%2BpI0oqcH85UJmR4sBo1Fv9EKG8FCCwPz%2F9pmHiz1wPMz8iQkn9TueRch2RhJ%2FO01YTecTl9%2BPc4Uddog5%2FvvJhuJLhLEM9kzHnrJ%2Fnk3tD1ZOoRO9qa40Pm%2FjZGcEO%2BnQ0TJ%2Fjkkonx3yhkpiAQRfwxFPoZQY0g6BtO3IPkJARjH6hqS%2BM6qNgXd%2FMellTshtYcPIIsJqd2%2FiCT%2B5qqSg%2FpNrTIndWIx6JWQgzFkf4w0O4LbugBZHIG5jyH5r2T%2B4QqSeHfNKg3Jy%2BnsUo4he2MoMQS1HrLqkx6ynocs9RDz0zoLgqDjc0b97iJjTd4RUZv7Ae30Ahr47S4yVuEN4dIhmBqCmW2kZhsbcgiT%2FQC7XsJyD9ZNiPf2NnJeohAEhSUoKEEhCQpHUOTlHlc2tOUdrmwWBec5PM%2FNcqRdf4fuadcXCdlJz8gT0738dWkVG%2BK03u1ETb%2B10OGiI4TfZq2Aha1Wk0ahWBBBqwsrS0h7YTrqlpyQp358BqmckNran4joEaw6ApNzoFkAWow6oQ%2B6Pmp1fWwlp8%2Bt68Lpwkgn3Lo0brMnc9GIlO7bVLsG0zG4LpG6Gtymt6POyNNTuufnfoNgx1fuPnvwSPDC72CmRGpKfCjvEfTV7dENXZDdG7qw5Lu11MlYbtHqRm866sTc3TfFZqENX75mh1%2B9yiqjkgfvCOtWaMJl0rfk66uSc2GWtGGCfL9s3xPR9cyuX81MkqUr119bWo5TI6yVOhmDypO1P8CqsT86nD7Vx3%2F5FNKMYbIScXZMzgNSH4Gl27DpjN7qORg164lSD0VWjkwYzQ6VJFBiVtOohP1PHc30jr2NvglB3S0kcYnclMhVCaqGsNmjI5ea4ys%2Ff1HFl4hUbRQpU9uNlFGfT1db%2Fe5PSP3SZ5U6g5Wn9U6z6dP24kLQ6VDRiVpht9cOOKVhqx2227QJZycsfOD9DQAA%2F%2F8BAAD%2F%2FyoecKqEBAAA
IP
ASN #39572 DataWeb Global Group B.V.
File type ASCII text, with no line terminators
Hash 132d6af1b46048b45cf86cdee7991d31
eb7007d03d59b65bc6da7e098c4d38fc6dfb6285
ab852e838deccd742a03ca81d4a8d75cf1a00b327db3eaf46bd7da6b6db9384c
Analyzer Verdict Alert quad9 Sinkholed
GET /ren.gif?sid=H4sIAAAAAAAC%2F1SSwWskRRTGqzdzEL2oLILoYRRWFGTS3TOZmbiHxXWNBGOy7ip6k%2BqqmkmZ6q6mqrp7klN0QffgYQ5e9NT5JtngGkT%2FAINOFkSCQuaWw8az54VFT0qPwdEH3e979b3D772qT3ayM%2BIjo6fX3tJbUik6v9Dw6y%2B%2BHwSX6ysyyQb1Qbf9Qbt1uW7yVxbbDf%2Bl%2BhuCbej50A98P%2FCD%2BpI0oqcH85UJmR4sBo1Fv9EKG8FCCwPz%2F9pmHiz1wPMz8iQkn9TueRch2RhJ%2FO01YTecTl9%2BPc4Uddog5%2FvvJhuJLhLEM9kzHnrJ%2Fnk3tD1ZOoRO9qa40Pm%2FjZGcEO%2BnQ0TJ%2Fjkkonx3yhkpiAQRfwxFPoZQY0g6BtO3IPkJARjH6hqS%2BM6qNgXd%2FMellTshtYcPIIsJqd2%2FiCT%2B5qqSg%2FpNrTIndWIx6JWQgzFkf4w0O4LbugBZHIG5jyH5r2T%2B4QqSeHfNKg3Jy%2BnsUo4he2MoMQS1HrLqkx6ynocs9RDz0zoLgqDjc0b97iJjTd4RUZv7Ae30Ahr47S4yVuEN4dIhmBqCmW2kZhsbcgiT%2FQC7XsJyD9ZNiPf2NnJeohAEhSUoKEEhCQpHUOTlHlc2tOUdrmwWBec5PM%2FNcqRdf4fuadcXCdlJz8gT0738dWkVG%2BK03u1ETb%2B10OGiI4TfZq2Aha1Wk0ahWBBBqwsrS0h7YTrqlpyQp358BqmckNran4joEaw6ApNzoFkAWow6oQ%2B6Pmp1fWwlp8%2Bt68Lpwkgn3Lo0brMnc9GIlO7bVLsG0zG4LpG6Gtymt6POyNNTuufnfoNgx1fuPnvwSPDC72CmRGpKfCjvEfTV7dENXZDdG7qw5Lu11MlYbtHqRm866sTc3TfFZqENX75mh1%2B9yiqjkgfvCOtWaMJl0rfk66uSc2GWtGGCfL9s3xPR9cyuX81MkqUr119bWo5TI6yVOhmDypO1P8CqsT86nD7Vx3%2F5FNKMYbIScXZMzgNSH4Gl27DpjN7qORg164lSD0VWjkwYzQ6VJFBiVtOohP1PHc30jr2NvglB3S0kcYnclMhVCaqGsNmjI5ea4ys%2Ff1HFl4hUbRQpU9uNlFGfT1db%2Fe5PSP3SZ5U6g5Wn9U6z6dP24kLQ6VDRiVpht9cOOKVhqx2227QJZycsfOD9DQAA%2F%2F8BAAD%2F%2FyoecKqEBAAA HTTP/1.1
Host: burlydeclined.com
User-Agent: Mozilla/5.0 (X11; Linux x86_64; rv:96.0) Gecko/20100101 Firefox/96.0
Accept: image/avif,image/webp,*/*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
Connection: keep-alive
Referer: https://sampsonfornor.blogspot.com/
Cookie: u_pl=16721230; pdhtkv=true; uncs=1; pdhtkv49=true; uncs49=1; nlec87b30457de7ee06c41c2443ab2e5e148=[2229215,2229213,2106764,2229214]
Sec-Fetch-Dest: image
Sec-Fetch-Mode: no-cors
Sec-Fetch-Site: cross-site
HTTP/1.1 200 OK
Server: nginx/1.17.6
Date: Tue, 27 Sep 2022 12:56:34 GMT
Content-Type: image/gif
Content-Length: 7
Connection: keep-alive
P3P: CP="IDC DSP COR ADM DEVi TAIi PSA PSD IVAi IVDi CONi HIS OUR IND CNT"
Accept-CH: Device-Stock-UA,Sec-CH-UA-Full-Version-ListSec-CH-UA-MobileSec-CH-UA-Platform,Sec-CH-UA-Mobile,Sec-CH-UA-Platform,Sec-CH-UA-PlatformSec-CH-UA-ModelSec-CH-UA-Mobile,Sec-CH-UA-PlatformSec-CH-UA-Platform-Version,Sec-CH-UASec-CH-UA-MobileSec-CH-UA-Platform,User-Agent,X-Device-User-Agent,X-OperaMini-Phone-UA,X-UCBrowser-Device-UA
Expires: Thu, 01 Jan 1970 00:00:01 GMT
Cache-Control: no-cache
X-Request-ID: 528f4d5c21e2fa170b4d0052dd6efbf3
Strict-Transport-Security: max-age=0; includeSubdomains
cdn.cloudimagesb.com/cti/28/5d/66/285d66474f8eb1391e6c869128c7a3ea/1628587131.jpg
200 OK 29 kB URL HTTP/2 cdn.cloudimagesb.com/cti/28/5d/66/285d66474f8eb1391e6c869128c7a3ea/1628587131.jpg
IP
ASN #39572 DataWeb Global Group B.V.
File type JPEG image data, JFIF standard 1.01, resolution (DPI), density 96x96, segment length 16, baseline, precision 8, 320x240, components 3\012- data
Hash 76f54f42b70d14a6d6bfe2f8b1945265
197daa3737be8968bf39ff28000663c1c17deeb2
c864fde3026e05a2cc34b4348fa4888d3ae44202179277877d082cadd9971abc
GET /cti/28/5d/66/285d66474f8eb1391e6c869128c7a3ea/1628587131.jpg HTTP/1.1
Host: cdn.cloudimagesb.com
User-Agent: Mozilla/5.0 (X11; Linux x86_64; rv:96.0) Gecko/20100101 Firefox/96.0
Accept: image/avif,image/webp,*/*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
Connection: keep-alive
Referer: https://sampsonfornor.blogspot.com/
Sec-Fetch-Dest: image
Sec-Fetch-Mode: no-cors
Sec-Fetch-Site: cross-site
HTTP/2 200 OK
date: Tue, 27 Sep 2022 12:56:34 GMT
content-type: image/jpeg
content-length: 28852
server: nginx/1.17.6
last-modified: Tue, 10 Aug 2021 09:18:59 GMT
etag: "61124483-70b4"
expires: Thu, 29 Sep 2022 12:56:34 GMT
cache-control: max-age=172800
x-proxy-cache: HIT
accept-ranges: bytes
X-Firefox-Spdy: h2
cdn.cloudimagesb.com/cti/5d/60/ed/5d60edea793259cd719bfa3d19bcae3e/1628587069.jpg
200 OK 28 kB URL HTTP/2 cdn.cloudimagesb.com/cti/5d/60/ed/5d60edea793259cd719bfa3d19bcae3e/1628587069.jpg
IP
ASN #39572 DataWeb Global Group B.V.
File type JPEG image data, JFIF standard 1.01, resolution (DPI), density 96x96, segment length 16, baseline, precision 8, 321x240, components 3\012- data
Hash f4fabf64be47ce667e0cfc150667b36c
234d722efa06cbedfdad9c1bb497a942997741dd
272b7875492a55c6f53a4e4704e715cc5b3cc4e5093758cbfedd95441bfe98d8
GET /cti/5d/60/ed/5d60edea793259cd719bfa3d19bcae3e/1628587069.jpg HTTP/1.1
Host: cdn.cloudimagesb.com
User-Agent: Mozilla/5.0 (X11; Linux x86_64; rv:96.0) Gecko/20100101 Firefox/96.0
Accept: image/avif,image/webp,*/*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
Connection: keep-alive
Referer: https://sampsonfornor.blogspot.com/
Sec-Fetch-Dest: image
Sec-Fetch-Mode: no-cors
Sec-Fetch-Site: cross-site
HTTP/2 200 OK
date: Tue, 27 Sep 2022 12:56:34 GMT
content-type: image/jpeg
content-length: 27606
server: nginx/1.17.6
last-modified: Tue, 10 Aug 2021 09:17:59 GMT
etag: "61124447-6bd6"
expires: Thu, 29 Sep 2022 12:56:34 GMT
cache-control: max-age=172800
x-proxy-cache: HIT
accept-ranges: bytes
X-Firefox-Spdy: h2
cdn.cloudimagesb.com/cti/29/eb/08/29eb08c32bad57ff8c8e14af3a16e9c1/1628586955.jpg
200 OK 23 kB URL HTTP/2 cdn.cloudimagesb.com/cti/29/eb/08/29eb08c32bad57ff8c8e14af3a16e9c1/1628586955.jpg
IP
ASN #39572 DataWeb Global Group B.V.
File type JPEG image data, JFIF standard 1.01, resolution (DPI), density 96x96, segment length 16, baseline, precision 8, 320x240, components 3\012- data
Hash 4452445afb73fab8af9ff308eb667024
130401c47d822426e1cce9981c30d775cba1b576
923b0ac505decd181f473f1fa460f21590777993c3581723f127b032d8c45bdd
GET /cti/29/eb/08/29eb08c32bad57ff8c8e14af3a16e9c1/1628586955.jpg HTTP/1.1
Host: cdn.cloudimagesb.com
User-Agent: Mozilla/5.0 (X11; Linux x86_64; rv:96.0) Gecko/20100101 Firefox/96.0
Accept: image/avif,image/webp,*/*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
Connection: keep-alive
Referer: https://sampsonfornor.blogspot.com/
Sec-Fetch-Dest: image
Sec-Fetch-Mode: no-cors
Sec-Fetch-Site: cross-site
HTTP/2 200 OK
date: Tue, 27 Sep 2022 12:56:34 GMT
content-type: image/jpeg
content-length: 22987
server: nginx/1.17.6
last-modified: Tue, 10 Aug 2021 09:16:05 GMT
etag: "611243d5-59cb"
expires: Thu, 29 Sep 2022 12:56:34 GMT
cache-control: max-age=172800
x-proxy-cache: HIT
accept-ranges: bytes
X-Firefox-Spdy: h2
cdn.cloudimagesb.com/cti/4e/61/98/4e619871efbab123abb0e0121e08e11d/1628586907.jpg
200 OK 23 kB URL HTTP/2 cdn.cloudimagesb.com/cti/4e/61/98/4e619871efbab123abb0e0121e08e11d/1628586907.jpg
IP
ASN #39572 DataWeb Global Group B.V.
File type JPEG image data, JFIF standard 1.01, resolution (DPI), density 96x96, segment length 16, baseline, precision 8, 320x240, components 3\012- data
Hash c6f19781c79ff746b99178f813cfbff2
5c307e43c63001535aa3a3683777dbb1a7f0775b
816b5a5d078f27271fa2d7c210d708f386a6f9fbd9242531b07f0b051382870d
GET /cti/4e/61/98/4e619871efbab123abb0e0121e08e11d/1628586907.jpg HTTP/1.1
Host: cdn.cloudimagesb.com
User-Agent: Mozilla/5.0 (X11; Linux x86_64; rv:96.0) Gecko/20100101 Firefox/96.0
Accept: image/avif,image/webp,*/*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
Connection: keep-alive
Referer: https://sampsonfornor.blogspot.com/
Sec-Fetch-Dest: image
Sec-Fetch-Mode: no-cors
Sec-Fetch-Site: cross-site
HTTP/2 200 OK
date: Tue, 27 Sep 2022 12:56:34 GMT
content-type: image/jpeg
content-length: 22883
server: nginx/1.17.6
last-modified: Tue, 10 Aug 2021 09:15:16 GMT
etag: "611243a4-5963"
expires: Thu, 29 Sep 2022 12:56:34 GMT
cache-control: max-age=172800
x-proxy-cache: HIT
accept-ranges: bytes
X-Firefox-Spdy: h2
cdn.cloudimagesb.com/cti/7d/00/a0/7d00a008556ebc4e68d1de531274e928/1658920033.png
200 OK 144 kB URL HTTP/2 cdn.cloudimagesb.com/cti/7d/00/a0/7d00a008556ebc4e68d1de531274e928/1658920033.png
IP
ASN #39572 DataWeb Global Group B.V.
File type PNG image data, 300 x 250, 8-bit/color RGBA, non-interlaced\012- data
Size 144 kB (144379 bytes)
Hash 33c304429dc1a4408a96e6a74ffa2feb
c45fa8e65528d1bb2b46bf8a28af9eeaa1903d04
dbed482e5948ead5587d30a22306a5b611305f704de940bd22c76daf90e0a314
GET /cti/7d/00/a0/7d00a008556ebc4e68d1de531274e928/1658920033.png HTTP/1.1
Host: cdn.cloudimagesb.com
User-Agent: Mozilla/5.0 (X11; Linux x86_64; rv:96.0) Gecko/20100101 Firefox/96.0
Accept: image/avif,image/webp,*/*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
Connection: keep-alive
Sec-Fetch-Dest: image
Sec-Fetch-Mode: no-cors
Sec-Fetch-Site: cross-site
TE: trailers
HTTP/2 200 OK
date: Tue, 27 Sep 2022 12:56:34 GMT
content-type: image/png
content-length: 144379
server: nginx/1.17.6
last-modified: Wed, 27 Jul 2022 11:07:21 GMT
etag: "62e11c69-233fb"
expires: Thu, 29 Sep 2022 12:56:34 GMT
cache-control: max-age=172800
x-proxy-cache: HIT
accept-ranges: bytes
X-Firefox-Spdy: h2
burlydeclined.com/impr.gif?sid=H4sIAAAAAAAC%2F1SSz2skRRTHqzdzEL2oLILoYRRWFGTSPb%2FjHhZjjARjsu4qepP6NZMy1V1NVfX0JKfogu7Bwxy86KnznWSDaxD9Aww6WRAJCplbDhvPnhcWPSkzBkcfdL%2Fvq%2B87fN6r%2BmQ3OychMnq29JbZVlrT%2BUYlLL%2F4fhRdLa%2BqJOuX%2B%2B3mB8361bLtvbLQrIQvld%2BQfNPMV8MoDKMwKi8rKzumPz8xodLDhaiyEFbq1UrUqKNv%2F1%2B7LICjAUTvnDwJJcale8FlKD5CEn%2B7JN2mN%2BnLr8eZpt5Y9MTBu8lmYvIE8Ux2bIBOcnDRDeNOl49gkv0pLkzv30amxiT46QgsObiABOvtTTmZhkzAxGPIeyNIPYKiI3BzC0qcEoALrK0jie%2BsGZvTrX9cOnHHpPTwAVQ%2BJqX7l5HE3yxq1S%2FfNDrzyiQO%2FU4B1R9BdUdIs2P47UtQ%2BTG4%2FxhK%2FErmH64iiffWnTZQopjOrtQIqjOClgNQFyCbfCpA1gmQpQFicVbmURS1QsFp2F7gvCZakjVFGNFWJ6JR2Gwj4xO8AXw6ANcDcLuD1O5gUw1gsx%2FgNgo4EcD5MQne3kFPFMglQe4IckqQK4LcE%2BS9Yl9oV3XFHaFdxqKLXL3ItWJofHeX7hvflQnZTc%2FJE9O9%2FHVlDZvyrNxusVpYb7SEbEkZNnk94tV6vUZZVTZkVG%2FDqQLKXZqOuq3G5Kkfn0GqxqS0%2FicYPYbTx%2BBqDjSLQPNhqxqCbgzr7RDbydlzGyb3JrfKS7%2BhrN%2FqqJ6sMG26LjW%2Bwk0MYQqkvgS%2FFezqc%2FL0lO75ud8g%2Bcm1u88ePhK98Du4LZDaAh%2BqewRdfXt4w%2BRk74bJHfluPfUqVtt0cqM3PfVy7u6bcis3VqwsucFXr%2FKJMZGH70jnV2kiVNJ15OtFJYS0y8ZySb5fce9Jdj1zG4uZTbJ09fpryytxaqVzyiQjUHW6%2Fgf4ZOyPjqZP9fFfPoWyI9isQJydkIuAMsfg6Q5cOqN3Zg5Wz3pYGiDPiqGtstmhVgRazmrKCrj%2F1Gymd91tdG0V1N9CEhfo2QI9XYDqAVz26NCn9uTaz19M4kswXRoybUt7TFv9%2BXS1k9%2F9MSlf%2BWyizuHUWbkWihaTHdlist6odyQXrNFgIe9wVhPtNod3Y159EPwNAAD%2F%2FwEAAP%2F%2FqsqlQoQEAAA%3D
200 OK 7 B URL HTTP/1.1 burlydeclined.com/impr.gif?sid=H4sIAAAAAAAC%2F1SSz2skRRTHqzdzEL2oLILoYRRWFGTSPb%2FjHhZjjARjsu4qepP6NZMy1V1NVfX0JKfogu7Bwxy86KnznWSDaxD9Aww6WRAJCplbDhvPnhcWPSkzBkcfdL%2Fvq%2B87fN6r%2BmQ3OychMnq29JbZVlrT%2BUYlLL%2F4fhRdLa%2BqJOuX%2B%2B3mB8361bLtvbLQrIQvld%2BQfNPMV8MoDKMwKi8rKzumPz8xodLDhaiyEFbq1UrUqKNv%2F1%2B7LICjAUTvnDwJJcale8FlKD5CEn%2B7JN2mN%2BnLr8eZpt5Y9MTBu8lmYvIE8Ux2bIBOcnDRDeNOl49gkv0pLkzv30amxiT46QgsObiABOvtTTmZhkzAxGPIeyNIPYKiI3BzC0qcEoALrK0jie%2BsGZvTrX9cOnHHpPTwAVQ%2BJqX7l5HE3yxq1S%2FfNDrzyiQO%2FU4B1R9BdUdIs2P47UtQ%2BTG4%2FxhK%2FErmH64iiffWnTZQopjOrtQIqjOClgNQFyCbfCpA1gmQpQFicVbmURS1QsFp2F7gvCZakjVFGNFWJ6JR2Gwj4xO8AXw6ANcDcLuD1O5gUw1gsx%2FgNgo4EcD5MQne3kFPFMglQe4IckqQK4LcE%2BS9Yl9oV3XFHaFdxqKLXL3ItWJofHeX7hvflQnZTc%2FJE9O9%2FHVlDZvyrNxusVpYb7SEbEkZNnk94tV6vUZZVTZkVG%2FDqQLKXZqOuq3G5Kkfn0GqxqS0%2FicYPYbTx%2BBqDjSLQPNhqxqCbgzr7RDbydlzGyb3JrfKS7%2BhrN%2FqqJ6sMG26LjW%2Bwk0MYQqkvgS%2FFezqc%2FL0lO75ud8g%2Bcm1u88ePhK98Du4LZDaAh%2BqewRdfXt4w%2BRk74bJHfluPfUqVtt0cqM3PfVy7u6bcis3VqwsucFXr%2FKJMZGH70jnV2kiVNJ15OtFJYS0y8ZySb5fce9Jdj1zG4uZTbJ09fpryytxaqVzyiQjUHW6%2Fgf4ZOyPjqZP9fFfPoWyI9isQJydkIuAMsfg6Q5cOqN3Zg5Wz3pYGiDPiqGtstmhVgRazmrKCrj%2F1Gymd91tdG0V1N9CEhfo2QI9XYDqAVz26NCn9uTaz19M4kswXRoybUt7TFv9%2BXS1k9%2F9MSlf%2BWyizuHUWbkWihaTHdlist6odyQXrNFgIe9wVhPtNod3Y159EPwNAAD%2F%2FwEAAP%2F%2FqsqlQoQEAAA%3D
IP
ASN #39572 DataWeb Global Group B.V.
File type ASCII text, with no line terminators
Hash 132d6af1b46048b45cf86cdee7991d31
eb7007d03d59b65bc6da7e098c4d38fc6dfb6285
ab852e838deccd742a03ca81d4a8d75cf1a00b327db3eaf46bd7da6b6db9384c
Analyzer Verdict Alert quad9 Sinkholed
GET /impr.gif?sid=H4sIAAAAAAAC%2F1SSz2skRRTHqzdzEL2oLILoYRRWFGTSPb%2FjHhZjjARjsu4qepP6NZMy1V1NVfX0JKfogu7Bwxy86KnznWSDaxD9Aww6WRAJCplbDhvPnhcWPSkzBkcfdL%2Fvq%2B87fN6r%2BmQ3OychMnq29JbZVlrT%2BUYlLL%2F4fhRdLa%2BqJOuX%2B%2B3mB8361bLtvbLQrIQvld%2BQfNPMV8MoDKMwKi8rKzumPz8xodLDhaiyEFbq1UrUqKNv%2F1%2B7LICjAUTvnDwJJcale8FlKD5CEn%2B7JN2mN%2BnLr8eZpt5Y9MTBu8lmYvIE8Ux2bIBOcnDRDeNOl49gkv0pLkzv30amxiT46QgsObiABOvtTTmZhkzAxGPIeyNIPYKiI3BzC0qcEoALrK0jie%2BsGZvTrX9cOnHHpPTwAVQ%2BJqX7l5HE3yxq1S%2FfNDrzyiQO%2FU4B1R9BdUdIs2P47UtQ%2BTG4%2FxhK%2FErmH64iiffWnTZQopjOrtQIqjOClgNQFyCbfCpA1gmQpQFicVbmURS1QsFp2F7gvCZakjVFGNFWJ6JR2Gwj4xO8AXw6ANcDcLuD1O5gUw1gsx%2FgNgo4EcD5MQne3kFPFMglQe4IckqQK4LcE%2BS9Yl9oV3XFHaFdxqKLXL3ItWJofHeX7hvflQnZTc%2FJE9O9%2FHVlDZvyrNxusVpYb7SEbEkZNnk94tV6vUZZVTZkVG%2FDqQLKXZqOuq3G5Kkfn0GqxqS0%2FicYPYbTx%2BBqDjSLQPNhqxqCbgzr7RDbydlzGyb3JrfKS7%2BhrN%2FqqJ6sMG26LjW%2Bwk0MYQqkvgS%2FFezqc%2FL0lO75ud8g%2Bcm1u88ePhK98Du4LZDaAh%2BqewRdfXt4w%2BRk74bJHfluPfUqVtt0cqM3PfVy7u6bcis3VqwsucFXr%2FKJMZGH70jnV2kiVNJ15OtFJYS0y8ZySb5fce9Jdj1zG4uZTbJ09fpryytxaqVzyiQjUHW6%2Fgf4ZOyPjqZP9fFfPoWyI9isQJydkIuAMsfg6Q5cOqN3Zg5Wz3pYGiDPiqGtstmhVgRazmrKCrj%2F1Gymd91tdG0V1N9CEhfo2QI9XYDqAVz26NCn9uTaz19M4kswXRoybUt7TFv9%2BXS1k9%2F9MSlf%2BWyizuHUWbkWihaTHdlist6odyQXrNFgIe9wVhPtNod3Y159EPwNAAD%2F%2FwEAAP%2F%2FqsqlQoQEAAA%3D HTTP/1.1
Host: burlydeclined.com
User-Agent: Mozilla/5.0 (X11; Linux x86_64; rv:96.0) Gecko/20100101 Firefox/96.0
Accept: image/avif,image/webp,*/*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
Connection: keep-alive
Referer: https://sampsonfornor.blogspot.com/
Cookie: u_pl=16721230; pdhtkv=true; uncs=1; pdhtkv49=true; uncs49=1; nlec87b30457de7ee06c41c2443ab2e5e148=[2229215,2229213,2106764,2229214]
Sec-Fetch-Dest: image
Sec-Fetch-Mode: no-cors
Sec-Fetch-Site: cross-site
HTTP/1.1 200 OK
Server: nginx/1.17.6
Date: Tue, 27 Sep 2022 12:56:34 GMT
Content-Type: image/gif
Content-Length: 7
Connection: keep-alive
P3P: CP="IDC DSP COR ADM DEVi TAIi PSA PSD IVAi IVDi CONi HIS OUR IND CNT"
Accept-CH: Device-Stock-UA,Sec-CH-UA-Full-Version-ListSec-CH-UA-MobileSec-CH-UA-Platform,Sec-CH-UA-Mobile,Sec-CH-UA-Platform,Sec-CH-UA-PlatformSec-CH-UA-ModelSec-CH-UA-Mobile,Sec-CH-UA-PlatformSec-CH-UA-Platform-Version,Sec-CH-UASec-CH-UA-MobileSec-CH-UA-Platform,User-Agent,X-Device-User-Agent,X-OperaMini-Phone-UA,X-UCBrowser-Device-UA
Expires: Thu, 01 Jan 1970 00:00:01 GMT
Cache-Control: no-cache
X-Request-ID: 17ef542035bc95d18d1b8d3e497b9b2c
Strict-Transport-Security: max-age=0; includeSubdomains
burlydeclined.com/ren.gif?sid=H4sIAAAAAAAC%2F1SSwWskRRTGqzdzEL2oLILoYRRWFGTS3TOZmbiHxXWNBGOy7ip6k%2BqqmkmZ6q6mqrp7klN0UfbgYQ5e9NT5JtngGkT%2FAINOFkSCQuaWw8az54VFT0qPwdEHxftefe%2Fwe6%2Fq053sjPjI6Om1t%2FSWVIrOLzT8%2BovvB8Hl%2BopMskF90G1%2F0G5drpv8lcV2w3%2Bp%2FoZgG3o%2B9APfD%2FygviSN6OnBfGVCpgeLQWPRb7TCRrDQwsD8v7aZB0s98PyMPAnJJ7V73kVINkYSf3tN2A2n05dfjzNFnTbI%2Bf67yUaiiwTxTPaMh16yf94NbU%2BWDqGTvSkudP5vYyQnxPvpEFGyfw6JKN%2BdckYKIkHEH0ORjyHUGJKOwfQtSH5CAMaxuoYkvrOqTUE3%2F3Fp5U5I7eEDyGJCavcvIom%2FuarkoH5Tq8xJnVgMeiXkYAzZHyPNjuC2LkAWR2DuY0j%2BK5l%2FuIIk3l2zSkPycjq7lGPI3hhKDEGth6w60kPW85ClHmJ%2BWmdBEHR8zqjfXWSsyTsianM%2FoJ1eQAO%2F3UXGKrwhXDoEU0Mws43UbGNDDmGyH2DXS1juwboJ8d7eRs5LFIKgsAQFJSgkQeEIirzc48qGtrzDlc2i4DyH57lZjrTr79A97foiITvpGXliupe%2FLq1iQ5zWu52o6bcWOlx0hPDbrBWwsNVq0igUCyJodWFlCWkvTEfdkhPy1I%2FPIJUTUlv7ExE9glVHYHIONAtAi1En9EHXR62uj63k9Ll1XThdGOmEW5fGbfZkLhqR0n2batdgOgbXJVJXg9v0dtQZeXpK9%2FzcfQh2fOXuswePBC%2F8DmZKpKbEh%2FIeQV%2FdHt3QBdm9oQtLvltLnYzlFq1e9KajTszdfVNsFtrw5Wt2%2BNWrrDIqefCOsG6FJlwmfUu%2Bvio5F2ZJGybI98v2PRFdz%2Bz61cwkWbpy%2FbWl5Tg1wlqpkzGoPFn7A6wa%2B6PD6Vd9%2FJdPIM0YJisRZ8fkPCD1EVi6DZvO6K2eg1Gznii9gCIrRyaMZpdKEigxq2lUwv6njmZ6x95G34Sg7haSuERuSuSqBFVD2OzRkUvN8ZWfv6jiS0SqNoqUqe1GyqjPq9X%2BNt3vhNQvfVapM1h5Wu80mz5tLy4EnQ4VnagVdnvtgFMattphu02bcHbCwgfe3wAAAP%2F%2FAQAA%2F%2F%2FNebyUhAQAAA%3D%3D
200 OK 7 B URL HTTP/1.1 burlydeclined.com/ren.gif?sid=H4sIAAAAAAAC%2F1SSwWskRRTGqzdzEL2oLILoYRRWFGTS3TOZmbiHxXWNBGOy7ip6k%2BqqmkmZ6q6mqrp7klN0UfbgYQ5e9NT5JtngGkT%2FAINOFkSCQuaWw8az54VFT0qPwdEHxftefe%2Fwe6%2Fq053sjPjI6Om1t%2FSWVIrOLzT8%2BovvB8Hl%2BopMskF90G1%2F0G5drpv8lcV2w3%2Bp%2FoZgG3o%2B9APfD%2FygviSN6OnBfGVCpgeLQWPRb7TCRrDQwsD8v7aZB0s98PyMPAnJJ7V73kVINkYSf3tN2A2n05dfjzNFnTbI%2Bf67yUaiiwTxTPaMh16yf94NbU%2BWDqGTvSkudP5vYyQnxPvpEFGyfw6JKN%2BdckYKIkHEH0ORjyHUGJKOwfQtSH5CAMaxuoYkvrOqTUE3%2F3Fp5U5I7eEDyGJCavcvIom%2FuarkoH5Tq8xJnVgMeiXkYAzZHyPNjuC2LkAWR2DuY0j%2BK5l%2FuIIk3l2zSkPycjq7lGPI3hhKDEGth6w60kPW85ClHmJ%2BWmdBEHR8zqjfXWSsyTsianM%2FoJ1eQAO%2F3UXGKrwhXDoEU0Mws43UbGNDDmGyH2DXS1juwboJ8d7eRs5LFIKgsAQFJSgkQeEIirzc48qGtrzDlc2i4DyH57lZjrTr79A97foiITvpGXliupe%2FLq1iQ5zWu52o6bcWOlx0hPDbrBWwsNVq0igUCyJodWFlCWkvTEfdkhPy1I%2FPIJUTUlv7ExE9glVHYHIONAtAi1En9EHXR62uj63k9Ll1XThdGOmEW5fGbfZkLhqR0n2batdgOgbXJVJXg9v0dtQZeXpK9%2FzcfQh2fOXuswePBC%2F8DmZKpKbEh%2FIeQV%2FdHt3QBdm9oQtLvltLnYzlFq1e9KajTszdfVNsFtrw5Wt2%2BNWrrDIqefCOsG6FJlwmfUu%2Bvio5F2ZJGybI98v2PRFdz%2Bz61cwkWbpy%2FbWl5Tg1wlqpkzGoPFn7A6wa%2B6PD6Vd9%2FJdPIM0YJisRZ8fkPCD1EVi6DZvO6K2eg1Gznii9gCIrRyaMZpdKEigxq2lUwv6njmZ6x95G34Sg7haSuERuSuSqBFVD2OzRkUvN8ZWfv6jiS0SqNoqUqe1GyqjPq9X%2BNt3vhNQvfVapM1h5Wu80mz5tLy4EnQ4VnagVdnvtgFMattphu02bcHbCwgfe3wAAAP%2F%2FAQAA%2F%2F%2FNebyUhAQAAA%3D%3D
IP
ASN #39572 DataWeb Global Group B.V.
File type ASCII text, with no line terminators
Hash 132d6af1b46048b45cf86cdee7991d31
eb7007d03d59b65bc6da7e098c4d38fc6dfb6285
ab852e838deccd742a03ca81d4a8d75cf1a00b327db3eaf46bd7da6b6db9384c
Analyzer Verdict Alert quad9 Sinkholed
GET /ren.gif?sid=H4sIAAAAAAAC%2F1SSwWskRRTGqzdzEL2oLILoYRRWFGTS3TOZmbiHxXWNBGOy7ip6k%2BqqmkmZ6q6mqrp7klN0UfbgYQ5e9NT5JtngGkT%2FAINOFkSCQuaWw8az54VFT0qPwdEHxftefe%2Fwe6%2Fq053sjPjI6Om1t%2FSWVIrOLzT8%2BovvB8Hl%2BopMskF90G1%2F0G5drpv8lcV2w3%2Bp%2FoZgG3o%2B9APfD%2FygviSN6OnBfGVCpgeLQWPRb7TCRrDQwsD8v7aZB0s98PyMPAnJJ7V73kVINkYSf3tN2A2n05dfjzNFnTbI%2Bf67yUaiiwTxTPaMh16yf94NbU%2BWDqGTvSkudP5vYyQnxPvpEFGyfw6JKN%2BdckYKIkHEH0ORjyHUGJKOwfQtSH5CAMaxuoYkvrOqTUE3%2F3Fp5U5I7eEDyGJCavcvIom%2FuarkoH5Tq8xJnVgMeiXkYAzZHyPNjuC2LkAWR2DuY0j%2BK5l%2FuIIk3l2zSkPycjq7lGPI3hhKDEGth6w60kPW85ClHmJ%2BWmdBEHR8zqjfXWSsyTsianM%2FoJ1eQAO%2F3UXGKrwhXDoEU0Mws43UbGNDDmGyH2DXS1juwboJ8d7eRs5LFIKgsAQFJSgkQeEIirzc48qGtrzDlc2i4DyH57lZjrTr79A97foiITvpGXliupe%2FLq1iQ5zWu52o6bcWOlx0hPDbrBWwsNVq0igUCyJodWFlCWkvTEfdkhPy1I%2FPIJUTUlv7ExE9glVHYHIONAtAi1En9EHXR62uj63k9Ll1XThdGOmEW5fGbfZkLhqR0n2batdgOgbXJVJXg9v0dtQZeXpK9%2FzcfQh2fOXuswePBC%2F8DmZKpKbEh%2FIeQV%2FdHt3QBdm9oQtLvltLnYzlFq1e9KajTszdfVNsFtrw5Wt2%2BNWrrDIqefCOsG6FJlwmfUu%2Bvio5F2ZJGybI98v2PRFdz%2Bz61cwkWbpy%2FbWl5Tg1wlqpkzGoPFn7A6wa%2B6PD6Vd9%2FJdPIM0YJisRZ8fkPCD1EVi6DZvO6K2eg1Gznii9gCIrRyaMZpdKEigxq2lUwv6njmZ6x95G34Sg7haSuERuSuSqBFVD2OzRkUvN8ZWfv6jiS0SqNoqUqe1GyqjPq9X%2BNt3vhNQvfVapM1h5Wu80mz5tLy4EnQ4VnagVdnvtgFMattphu02bcHbCwgfe3wAAAP%2F%2FAQAA%2F%2F%2FNebyUhAQAAA%3D%3D HTTP/1.1
Host: burlydeclined.com
User-Agent: Mozilla/5.0 (X11; Linux x86_64; rv:96.0) Gecko/20100101 Firefox/96.0
Accept: image/avif,image/webp,*/*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
Connection: keep-alive
Referer: https://sampsonfornor.blogspot.com/
Cookie: u_pl=16721230; pdhtkv=true; uncs=1; pdhtkv49=true; uncs49=1; nlec87b30457de7ee06c41c2443ab2e5e148=[2229215,2229213,2106764,2229214]
Sec-Fetch-Dest: image
Sec-Fetch-Mode: no-cors
Sec-Fetch-Site: cross-site
HTTP/1.1 200 OK
Server: nginx/1.17.6
Date: Tue, 27 Sep 2022 12:56:34 GMT
Content-Type: image/gif
Content-Length: 7
Connection: keep-alive
P3P: CP="IDC DSP COR ADM DEVi TAIi PSA PSD IVAi IVDi CONi HIS OUR IND CNT"
Accept-CH: Device-Stock-UA,Sec-CH-UA-Full-Version-ListSec-CH-UA-MobileSec-CH-UA-Platform,Sec-CH-UA-Mobile,Sec-CH-UA-Platform,Sec-CH-UA-PlatformSec-CH-UA-ModelSec-CH-UA-Mobile,Sec-CH-UA-PlatformSec-CH-UA-Platform-Version,Sec-CH-UASec-CH-UA-MobileSec-CH-UA-Platform,User-Agent,X-Device-User-Agent,X-OperaMini-Phone-UA,X-UCBrowser-Device-UA
Expires: Thu, 01 Jan 1970 00:00:01 GMT
Cache-Control: no-cache
X-Request-ID: 0c7a13a4c13a1bae0dff61334dc06939
Strict-Transport-Security: max-age=0; includeSubdomains
burlydeclined.com/ren.gif?sid=H4sIAAAAAAAC%2F1SSwWskxRfHqzdz%2BPHzIMoiiB5GYUVBJt09k5mJe1hcYyQYk3VX0ZtUV9VMylR3NVXV3ZOcoguyBw9z8KKnzneSDa5h0T%2FAoJMFkYCQueWw8ex5YdGT0mNw9EH3%2B776vsPnvarPdrNz4iOjZ0vv6G2pFJ1faPj1lz8Mgqv1VZlkg%2Fqg2%2F6o3bpaN%2Flri%2B2G%2F0r9LcE29XzoB74f%2BEF9WRrR04P5yoRMDxeDxqLfaIWNYKGFgflvbTMPlnrg%2BTl5GpJPag%2B8y5BsjCT%2BdknYTafTV9%2BMM0WdNsj5wfvJZqKLBPFM9oyHXnJw0Q1tT5ePoJP9KS50%2Fk9jJCfE%2B%2BkIUXJwAYko35tyRgoiQcSfQJGPIdQYko7B9G1IfkoAxrG2jiS%2Bu6ZNQbf%2BdmnlTkjt8SPIYkJqDy8jie9fV3JQv6VV5qROLAa9EnIwhuyPkWbHcNuXIItjMPcpJP%2BFzD9eRRLvrVulIXk5nV3KMWRvDCWGoNZDVn3SQ9bzkKUeYn5WZ0EQdHzOqN9dZKzJOyJqcz%2BgnV5AA7%2FdRcYqvCFcOgRTQzCzg9TsYFMOYbIfYDdKWO7Bugnx3t1BzksUgqCwBAUlKCRB4QiKvNznyoa2vMuVzaLgIocXuVmOtOvv0n3t%2BiIhu%2Bk5eWq6lz%2BvrGFTnNW7najptxY6XHSE8NusFbCw1WrSKBQLImh1YWUJaS9NR92WE%2FLMj88hlRNSW%2F8DET2GVcdgcg40C0CLUSf0QTdGra6P7eTshQ1dOF0Y6YTbkMZt9WQuGpHSfZtq12A6BtclUleD2%2FJ21Tl5dkpXv%2FI5BDu5du%2F5w%2F8FL%2F0GZkqkpsTH8gFBX90Z3dQF2bupC0u%2BW0%2BdjOU2rW70lqNOzN17W2wV2vCVJTv8%2BnVWGZU8fE9Yt0oTLpO%2BJd9cl5wLs6wNE%2BT7FfuBiG5kduN6ZpIsXb3xxvJKnBphrdTJGFServ8OVo39ydH0qT45uQ9pxjBZiTg7IRcBqY%2FB0h3YdEZv9RyMmvVE6RyKrByZMJodKkmgxKymUQn7rzqa6V17B30TgrrbSOISuSmRqxJUDWGz%2F49cak6u%2FfxlFV8hUrVRpExtL1JGfTEhL879Wv0eTpdcqXNYeVbvNJs%2BbS8uBJ0OFZ2oFXZ77YBTGrbaYbtNm3B2wsJH3l8AAAD%2F%2FwEAAP%2F%2FzeEQb4QEAAA%3D
200 OK 7 B URL HTTP/1.1 burlydeclined.com/ren.gif?sid=H4sIAAAAAAAC%2F1SSwWskxRfHqzdz%2BPHzIMoiiB5GYUVBJt09k5mJe1hcYyQYk3VX0ZtUV9VMylR3NVXV3ZOcoguyBw9z8KKnzneSDa5h0T%2FAoJMFkYCQueWw8ex5YdGT0mNw9EH3%2B776vsPnvarPdrNz4iOjZ0vv6G2pFJ1faPj1lz8Mgqv1VZlkg%2Fqg2%2F6o3bpaN%2Flri%2B2G%2F0r9LcE29XzoB74f%2BEF9WRrR04P5yoRMDxeDxqLfaIWNYKGFgflvbTMPlnrg%2BTl5GpJPag%2B8y5BsjCT%2BdknYTafTV9%2BMM0WdNsj5wfvJZqKLBPFM9oyHXnJw0Q1tT5ePoJP9KS50%2Fk9jJCfE%2B%2BkIUXJwAYko35tyRgoiQcSfQJGPIdQYko7B9G1IfkoAxrG2jiS%2Bu6ZNQbf%2BdmnlTkjt8SPIYkJqDy8jie9fV3JQv6VV5qROLAa9EnIwhuyPkWbHcNuXIItjMPcpJP%2BFzD9eRRLvrVulIXk5nV3KMWRvDCWGoNZDVn3SQ9bzkKUeYn5WZ0EQdHzOqN9dZKzJOyJqcz%2BgnV5AA7%2FdRcYqvCFcOgRTQzCzg9TsYFMOYbIfYDdKWO7Bugnx3t1BzksUgqCwBAUlKCRB4QiKvNznyoa2vMuVzaLgIocXuVmOtOvv0n3t%2BiIhu%2Bk5eWq6lz%2BvrGFTnNW7najptxY6XHSE8NusFbCw1WrSKBQLImh1YWUJaS9NR92WE%2FLMj88hlRNSW%2F8DET2GVcdgcg40C0CLUSf0QTdGra6P7eTshQ1dOF0Y6YTbkMZt9WQuGpHSfZtq12A6BtclUleD2%2FJ21Tl5dkpXv%2FI5BDu5du%2F5w%2F8FL%2F0GZkqkpsTH8gFBX90Z3dQF2bupC0u%2BW0%2BdjOU2rW70lqNOzN17W2wV2vCVJTv8%2BnVWGZU8fE9Yt0oTLpO%2BJd9cl5wLs6wNE%2BT7FfuBiG5kduN6ZpIsXb3xxvJKnBphrdTJGFServ8OVo39ydH0qT45uQ9pxjBZiTg7IRcBqY%2FB0h3YdEZv9RyMmvVE6RyKrByZMJodKkmgxKymUQn7rzqa6V17B30TgrrbSOISuSmRqxJUDWGz%2F49cak6u%2FfxlFV8hUrVRpExtL1JGfTEhL879Wv0eTpdcqXNYeVbvNJs%2BbS8uBJ0OFZ2oFXZ77YBTGrbaYbtNm3B2wsJH3l8AAAD%2F%2FwEAAP%2F%2FzeEQb4QEAAA%3D
IP
ASN #39572 DataWeb Global Group B.V.
File type ASCII text, with no line terminators
Hash 132d6af1b46048b45cf86cdee7991d31
eb7007d03d59b65bc6da7e098c4d38fc6dfb6285
ab852e838deccd742a03ca81d4a8d75cf1a00b327db3eaf46bd7da6b6db9384c
Analyzer Verdict Alert quad9 Sinkholed
GET /ren.gif?sid=H4sIAAAAAAAC%2F1SSwWskxRfHqzdz%2BPHzIMoiiB5GYUVBJt09k5mJe1hcYyQYk3VX0ZtUV9VMylR3NVXV3ZOcoguyBw9z8KKnzneSDa5h0T%2FAoJMFkYCQueWw8ex5YdGT0mNw9EH3%2B776vsPnvarPdrNz4iOjZ0vv6G2pFJ1faPj1lz8Mgqv1VZlkg%2Fqg2%2F6o3bpaN%2Flri%2B2G%2F0r9LcE29XzoB74f%2BEF9WRrR04P5yoRMDxeDxqLfaIWNYKGFgflvbTMPlnrg%2BTl5GpJPag%2B8y5BsjCT%2BdknYTafTV9%2BMM0WdNsj5wfvJZqKLBPFM9oyHXnJw0Q1tT5ePoJP9KS50%2Fk9jJCfE%2B%2BkIUXJwAYko35tyRgoiQcSfQJGPIdQYko7B9G1IfkoAxrG2jiS%2Bu6ZNQbf%2BdmnlTkjt8SPIYkJqDy8jie9fV3JQv6VV5qROLAa9EnIwhuyPkWbHcNuXIItjMPcpJP%2BFzD9eRRLvrVulIXk5nV3KMWRvDCWGoNZDVn3SQ9bzkKUeYn5WZ0EQdHzOqN9dZKzJOyJqcz%2BgnV5AA7%2FdRcYqvCFcOgRTQzCzg9TsYFMOYbIfYDdKWO7Bugnx3t1BzksUgqCwBAUlKCRB4QiKvNznyoa2vMuVzaLgIocXuVmOtOvv0n3t%2BiIhu%2Bk5eWq6lz%2BvrGFTnNW7najptxY6XHSE8NusFbCw1WrSKBQLImh1YWUJaS9NR92WE%2FLMj88hlRNSW%2F8DET2GVcdgcg40C0CLUSf0QTdGra6P7eTshQ1dOF0Y6YTbkMZt9WQuGpHSfZtq12A6BtclUleD2%2FJ21Tl5dkpXv%2FI5BDu5du%2F5w%2F8FL%2F0GZkqkpsTH8gFBX90Z3dQF2bupC0u%2BW0%2BdjOU2rW70lqNOzN17W2wV2vCVJTv8%2BnVWGZU8fE9Yt0oTLpO%2BJd9cl5wLs6wNE%2BT7FfuBiG5kduN6ZpIsXb3xxvJKnBphrdTJGFServ8OVo39ydH0qT45uQ9pxjBZiTg7IRcBqY%2FB0h3YdEZv9RyMmvVE6RyKrByZMJodKkmgxKymUQn7rzqa6V17B30TgrrbSOISuSmRqxJUDWGz%2F49cak6u%2FfxlFV8hUrVRpExtL1JGfTEhL879Wv0eTpdcqXNYeVbvNJs%2BbS8uBJ0OFZ2oFXZ77YBTGrbaYbtNm3B2wsJH3l8AAAD%2F%2FwEAAP%2F%2FzeEQb4QEAAA%3D HTTP/1.1
Host: burlydeclined.com
User-Agent: Mozilla/5.0 (X11; Linux x86_64; rv:96.0) Gecko/20100101 Firefox/96.0
Accept: image/avif,image/webp,*/*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
Connection: keep-alive
Referer: https://sampsonfornor.blogspot.com/
Cookie: u_pl=16721230; pdhtkv=true; uncs=1; pdhtkv49=true; uncs49=1; nlec87b30457de7ee06c41c2443ab2e5e148=[2229215,2229213,2106764,2229214]
Sec-Fetch-Dest: image
Sec-Fetch-Mode: no-cors
Sec-Fetch-Site: cross-site
HTTP/1.1 200 OK
Server: nginx/1.17.6
Date: Tue, 27 Sep 2022 12:56:34 GMT
Content-Type: image/gif
Content-Length: 7
Connection: keep-alive
P3P: CP="IDC DSP COR ADM DEVi TAIi PSA PSD IVAi IVDi CONi HIS OUR IND CNT"
Accept-CH: Device-Stock-UA,Sec-CH-UA-Full-Version-ListSec-CH-UA-MobileSec-CH-UA-Platform,Sec-CH-UA-Mobile,Sec-CH-UA-Platform,Sec-CH-UA-PlatformSec-CH-UA-ModelSec-CH-UA-Mobile,Sec-CH-UA-PlatformSec-CH-UA-Platform-Version,Sec-CH-UASec-CH-UA-MobileSec-CH-UA-Platform,User-Agent,X-Device-User-Agent,X-OperaMini-Phone-UA,X-UCBrowser-Device-UA
Expires: Thu, 01 Jan 1970 00:00:01 GMT
Cache-Control: no-cache
X-Request-ID: 80b7eda662ffdb91d729d0433974714b
Strict-Transport-Security: max-age=0; includeSubdomains
burlydeclined.com/impr.gif?sid=H4sIAAAAAAAC%2F1SSz2skRRTHqzdzEL2oLILoYRRWFGTSPb%2FjHhZjjARjsu4qepP6NZMy1V1NVfX0JKfoouzBwxy86KnznWSDaxD9Aww6WRAJCplbDhvPnhcWPSkzBkcfFO%2F76vsOn%2FeqPt3NzkmIjJ4tvWW2ldZ0vlEJyy%2B%2BH0VXy6sqyfrlfrv5QbN%2BtWx7ryw0K%2BFL5Tck3zTz1TAKwyiMysvKyo7pz09MqPRwIaoshJV6tRI16ujb%2F9cuC%2BBoANE7J09CiXHpXnAZio%2BQxN8uSbfpTfry63GmqTcWPXHwbrKZmDxBPJMdG6CTHFx0w7jT5SOYZH%2BKC9P7t5GpMQl%2BOgJLDi4gwXp7U06mIRMw8Rjy3ghSj6DoCNzcghKnBOACa%2BtI4jtrxuZ06x%2BXTtwxKT18AJWPSen%2BZSTxN4ta9cs3jc68MolDv1NA9UdQ3RHS7Bh%2B%2BxJUfgzuP4YSv5L5h6tI4r11pw2UKKazKzWC6oyg5QDUBcgmRwXIOgGyNEAszso8iqJWKDgN2wuc10RLsqYII9rqRDQKm21kfII3gE8H4HoAbneQ2h1sqgFs9gPcRgEnAjg%2FJsHbO%2BiJArkkyB1BTglyRZB7grxX7Avtqq64I7TLWHSRqxe5VgyN7%2B7SfeO7MiG76Tl5YrqXv66sYVOeldstVgvrjZaQLSnDJq9HvFqv1yiryoaM6m04VUC5S9NRt9WYPPXjM0jVmJTW%2FwSjx3D6GFzNgWYRaD5sVUPQjWG9HWI7OXtuw%2BTe5FZ56TeU9Vsd1ZMVpk3XpcZXuIkhTIHUl%2BC3gl19Tp6e0j0%2Fdx%2BSn1y7%2B%2BzhI9ELv4PbAqkt8KG6R9DVt4c3TE72bpjcke%2FWU69itU0nL3rTUy%2Fn7r4pt3JjxcqSG3z1Kp8YE3n4jnR%2BlSZCJV1Hvl5UQki7bCyX5PsV955k1zO3sZjZJEtXr7%2B2vBKnVjqnTDICVafrf4BPxv7oaPpVH%2F%2FlEyg7gs0KxNkJuQgocwye7sClM3pn5mD1rIell5BnxdBW2exSKwItZzVlBdx%2FajbTu%2B42urYK6m8hiQv0bIGeLkD1AC57dOhTe3Lt5y8m8SWYLg2ZtqU9pq3%2BfLLa36b7HZPylc8m6hxOnZVroWgx2ZEtJuuNekdywRoNFvIOZzXRbnN4N%2BbVB8HfAAAA%2F%2F8BAAD%2F%2F02taXyEBAAA
200 OK 7 B URL HTTP/1.1 burlydeclined.com/impr.gif?sid=H4sIAAAAAAAC%2F1SSz2skRRTHqzdzEL2oLILoYRRWFGTSPb%2FjHhZjjARjsu4qepP6NZMy1V1NVfX0JKfoouzBwxy86KnznWSDaxD9Aww6WRAJCplbDhvPnhcWPSkzBkcfFO%2F76vsOn%2FeqPt3NzkmIjJ4tvWW2ldZ0vlEJyy%2B%2BH0VXy6sqyfrlfrv5QbN%2BtWx7ryw0K%2BFL5Tck3zTz1TAKwyiMysvKyo7pz09MqPRwIaoshJV6tRI16ujb%2F9cuC%2BBoANE7J09CiXHpXnAZio%2BQxN8uSbfpTfry63GmqTcWPXHwbrKZmDxBPJMdG6CTHFx0w7jT5SOYZH%2BKC9P7t5GpMQl%2BOgJLDi4gwXp7U06mIRMw8Rjy3ghSj6DoCNzcghKnBOACa%2BtI4jtrxuZ06x%2BXTtwxKT18AJWPSen%2BZSTxN4ta9cs3jc68MolDv1NA9UdQ3RHS7Bh%2B%2BxJUfgzuP4YSv5L5h6tI4r11pw2UKKazKzWC6oyg5QDUBcgmRwXIOgGyNEAszso8iqJWKDgN2wuc10RLsqYII9rqRDQKm21kfII3gE8H4HoAbneQ2h1sqgFs9gPcRgEnAjg%2FJsHbO%2BiJArkkyB1BTglyRZB7grxX7Avtqq64I7TLWHSRqxe5VgyN7%2B7SfeO7MiG76Tl5YrqXv66sYVOeldstVgvrjZaQLSnDJq9HvFqv1yiryoaM6m04VUC5S9NRt9WYPPXjM0jVmJTW%2FwSjx3D6GFzNgWYRaD5sVUPQjWG9HWI7OXtuw%2BTe5FZ56TeU9Vsd1ZMVpk3XpcZXuIkhTIHUl%2BC3gl19Tp6e0j0%2Fdx%2BSn1y7%2B%2BzhI9ELv4PbAqkt8KG6R9DVt4c3TE72bpjcke%2FWU69itU0nL3rTUy%2Fn7r4pt3JjxcqSG3z1Kp8YE3n4jnR%2BlSZCJV1Hvl5UQki7bCyX5PsV955k1zO3sZjZJEtXr7%2B2vBKnVjqnTDICVafrf4BPxv7oaPpVH%2F%2FlEyg7gs0KxNkJuQgocwye7sClM3pn5mD1rIell5BnxdBW2exSKwItZzVlBdx%2FajbTu%2B42urYK6m8hiQv0bIGeLkD1AC57dOhTe3Lt5y8m8SWYLg2ZtqU9pq3%2BfLLa36b7HZPylc8m6hxOnZVroWgx2ZEtJuuNekdywRoNFvIOZzXRbnN4N%2BbVB8HfAAAA%2F%2F8BAAD%2F%2F02taXyEBAAA
IP
ASN #39572 DataWeb Global Group B.V.
File type ASCII text, with no line terminators
Hash 132d6af1b46048b45cf86cdee7991d31
eb7007d03d59b65bc6da7e098c4d38fc6dfb6285
ab852e838deccd742a03ca81d4a8d75cf1a00b327db3eaf46bd7da6b6db9384c
Analyzer Verdict Alert quad9 Sinkholed
GET /impr.gif?sid=H4sIAAAAAAAC%2F1SSz2skRRTHqzdzEL2oLILoYRRWFGTSPb%2FjHhZjjARjsu4qepP6NZMy1V1NVfX0JKfoouzBwxy86KnznWSDaxD9Aww6WRAJCplbDhvPnhcWPSkzBkcfFO%2F76vsOn%2FeqPt3NzkmIjJ4tvWW2ldZ0vlEJyy%2B%2BH0VXy6sqyfrlfrv5QbN%2BtWx7ryw0K%2BFL5Tck3zTz1TAKwyiMysvKyo7pz09MqPRwIaoshJV6tRI16ujb%2F9cuC%2BBoANE7J09CiXHpXnAZio%2BQxN8uSbfpTfry63GmqTcWPXHwbrKZmDxBPJMdG6CTHFx0w7jT5SOYZH%2BKC9P7t5GpMQl%2BOgJLDi4gwXp7U06mIRMw8Rjy3ghSj6DoCNzcghKnBOACa%2BtI4jtrxuZ06x%2BXTtwxKT18AJWPSen%2BZSTxN4ta9cs3jc68MolDv1NA9UdQ3RHS7Bh%2B%2BxJUfgzuP4YSv5L5h6tI4r11pw2UKKazKzWC6oyg5QDUBcgmRwXIOgGyNEAszso8iqJWKDgN2wuc10RLsqYII9rqRDQKm21kfII3gE8H4HoAbneQ2h1sqgFs9gPcRgEnAjg%2FJsHbO%2BiJArkkyB1BTglyRZB7grxX7Avtqq64I7TLWHSRqxe5VgyN7%2B7SfeO7MiG76Tl5YrqXv66sYVOeldstVgvrjZaQLSnDJq9HvFqv1yiryoaM6m04VUC5S9NRt9WYPPXjM0jVmJTW%2FwSjx3D6GFzNgWYRaD5sVUPQjWG9HWI7OXtuw%2BTe5FZ56TeU9Vsd1ZMVpk3XpcZXuIkhTIHUl%2BC3gl19Tp6e0j0%2Fdx%2BSn1y7%2B%2BzhI9ELv4PbAqkt8KG6R9DVt4c3TE72bpjcke%2FWU69itU0nL3rTUy%2Fn7r4pt3JjxcqSG3z1Kp8YE3n4jnR%2BlSZCJV1Hvl5UQki7bCyX5PsV955k1zO3sZjZJEtXr7%2B2vBKnVjqnTDICVafrf4BPxv7oaPpVH%2F%2FlEyg7gs0KxNkJuQgocwye7sClM3pn5mD1rIell5BnxdBW2exSKwItZzVlBdx%2FajbTu%2B42urYK6m8hiQv0bIGeLkD1AC57dOhTe3Lt5y8m8SWYLg2ZtqU9pq3%2BfLLa36b7HZPylc8m6hxOnZVroWgx2ZEtJuuNekdywRoNFvIOZzXRbnN4N%2BbVB8HfAAAA%2F%2F8BAAD%2F%2F02taXyEBAAA HTTP/1.1
Host: burlydeclined.com
User-Agent: Mozilla/5.0 (X11; Linux x86_64; rv:96.0) Gecko/20100101 Firefox/96.0
Accept: image/avif,image/webp,*/*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
Connection: keep-alive
Referer: https://sampsonfornor.blogspot.com/
Cookie: u_pl=16721230; pdhtkv=true; uncs=1; pdhtkv49=true; uncs49=1; nlec87b30457de7ee06c41c2443ab2e5e148=[2229215,2229213,2106764,2229214]
Sec-Fetch-Dest: image
Sec-Fetch-Mode: no-cors
Sec-Fetch-Site: cross-site
HTTP/1.1 200 OK
Server: nginx/1.17.6
Date: Tue, 27 Sep 2022 12:56:34 GMT
Content-Type: image/gif
Content-Length: 7
Connection: keep-alive
P3P: CP="IDC DSP COR ADM DEVi TAIi PSA PSD IVAi IVDi CONi HIS OUR IND CNT"
Accept-CH: Device-Stock-UA,Sec-CH-UA-Full-Version-ListSec-CH-UA-MobileSec-CH-UA-Platform,Sec-CH-UA-Mobile,Sec-CH-UA-Platform,Sec-CH-UA-PlatformSec-CH-UA-ModelSec-CH-UA-Mobile,Sec-CH-UA-PlatformSec-CH-UA-Platform-Version,Sec-CH-UASec-CH-UA-MobileSec-CH-UA-Platform,User-Agent,X-Device-User-Agent,X-OperaMini-Phone-UA,X-UCBrowser-Device-UA
Expires: Thu, 01 Jan 1970 00:00:01 GMT
Cache-Control: no-cache
X-Request-ID: 80405b79c847f3e0e4119f1d02ab2786
Strict-Transport-Security: max-age=0; includeSubdomains
burlydeclined.com/impr.gif?sid=H4sIAAAAAAAC%2F1SSz2skRRTHqzdzED2Isgiih1FYUZBJ9%2FyOe1iMMRKMybqr6E3q10zKVHc1VdXTk5yiC7IHD3PwoqfOd5INrmHRP8CgkwWRgJC55bDx7Hlh0ZMyY3DcB93v%2B%2Br7Dp%2F3qr7Yzc5JiIyeLb1ntpXWdL5RCcuvfhxFV8urKsn65X67%2BUmzfrVse28sNCvha%2BV3JN8089UwCsMojMrLysqO6c9PTKj0cCGqLISVerUSNero28drlwVwNIDonZNnocS4dD%2B4DMVHSOLvl6Tb9CZ9%2Fe0409Qbi544%2BDDZTEyeIJ7Jjg3QSQ4uumHc6fIRTLI%2FxYXp%2FdfI1JgEvxyBJQcXkGC9vSkn05AJmHgKeW8EqUdQdARubkGJUwJwgbV1JPGdNWNzuvWvSyfumJQePYTKx6T04DKS%2BN6iVv3yTaMzr0zi0O8UUP0RVHeENDuG374ElR%2BD%2B8%2BhxG9k%2FtEqknhv3WkDJYrp7EqNoDojaDkAdQGyyacCZJ0AWRogFmdlHkVRKxSchu0FzmuiJVlThBFtdSIahc02Mj7BG8CnA3A9ALc7SO0ONtUANvsJbqOAEwGcH5Pg%2FR30RIFcEuSOIKcEuSLIPUHeK%2FaFdlVX3BHaZSy6yNWLXCuGxnd36b7xXZmQ3fScPDPdy99X1rApz8rtFquF9UZLyJaUYZPXI16t12uUVWVDRvU2nCqg3KXpqNtqTJ77%2BQWkakxK63%2BB0WM4fQyu5kCzCDQftqoh6Maw3g6xnZy9tGFyb3KrvPQbyvqtjurJCtOm61LjK9zEEKZA6kvwW8GuPifPT%2BnKV76E5CfX7r54%2BET0yh%2FgtkBqC3yq7hN09e3hDZOTvRsmd%2BSH9dSrWG3TyY3e9NTLubvvyq3cWLGy5AbfvsknxkQefiCdX6WJUEnXke8WlRDSLhvLJflxxX0k2fXMbSxmNsnS1etvLa%2FEqZXOKZOMQNXp%2Bp%2Fgk7E%2FO5o%2B1afH96DsCDYrEGcn5CKgzDF4ugOXzuidmYPVsx6WziHPiqGtstmhVgRazmrKCrj%2F1Wymd91tdG0V1N9CEhfo2QI9XYDqAVz25NCn9uTar19P4hswXRoybUt7TFv91Zi8PPf75PdguuSJOodTZ%2BVaKFpMdmSLyXqj3pFcsEaDhbzDWU202xzejXn1YfAPAAAA%2F%2F8BAAD%2F%2F001xYeEBAAA
200 OK 7 B URL HTTP/1.1 burlydeclined.com/impr.gif?sid=H4sIAAAAAAAC%2F1SSz2skRRTHqzdzED2Isgiih1FYUZBJ9%2FyOe1iMMRKMybqr6E3q10zKVHc1VdXTk5yiC7IHD3PwoqfOd5INrmHRP8CgkwWRgJC55bDx7Hlh0ZMyY3DcB93v%2B%2Br7Dp%2F3qr7Yzc5JiIyeLb1ntpXWdL5RCcuvfhxFV8urKsn65X67%2BUmzfrVse28sNCvha%2BV3JN8089UwCsMojMrLysqO6c9PTKj0cCGqLISVerUSNero28drlwVwNIDonZNnocS4dD%2B4DMVHSOLvl6Tb9CZ9%2Fe0409Qbi544%2BDDZTEyeIJ7Jjg3QSQ4uumHc6fIRTLI%2FxYXp%2FdfI1JgEvxyBJQcXkGC9vSkn05AJmHgKeW8EqUdQdARubkGJUwJwgbV1JPGdNWNzuvWvSyfumJQePYTKx6T04DKS%2BN6iVv3yTaMzr0zi0O8UUP0RVHeENDuG374ElR%2BD%2B8%2BhxG9k%2FtEqknhv3WkDJYrp7EqNoDojaDkAdQGyyacCZJ0AWRogFmdlHkVRKxSchu0FzmuiJVlThBFtdSIahc02Mj7BG8CnA3A9ALc7SO0ONtUANvsJbqOAEwGcH5Pg%2FR30RIFcEuSOIKcEuSLIPUHeK%2FaFdlVX3BHaZSy6yNWLXCuGxnd36b7xXZmQ3fScPDPdy99X1rApz8rtFquF9UZLyJaUYZPXI16t12uUVWVDRvU2nCqg3KXpqNtqTJ77%2BQWkakxK63%2BB0WM4fQyu5kCzCDQftqoh6Maw3g6xnZy9tGFyb3KrvPQbyvqtjurJCtOm61LjK9zEEKZA6kvwW8GuPifPT%2BnKV76E5CfX7r54%2BET0yh%2FgtkBqC3yq7hN09e3hDZOTvRsmd%2BSH9dSrWG3TyY3e9NTLubvvyq3cWLGy5AbfvsknxkQefiCdX6WJUEnXke8WlRDSLhvLJflxxX0k2fXMbSxmNsnS1etvLa%2FEqZXOKZOMQNXp%2Bp%2Fgk7E%2FO5o%2B1afH96DsCDYrEGcn5CKgzDF4ugOXzuidmYPVsx6WziHPiqGtstmhVgRazmrKCrj%2F1Wymd91tdG0V1N9CEhfo2QI9XYDqAVz25NCn9uTar19P4hswXRoybUt7TFv91Zi8PPf75PdguuSJOodTZ%2BVaKFpMdmSLyXqj3pFcsEaDhbzDWU202xzejXn1YfAPAAAA%2F%2F8BAAD%2F%2F001xYeEBAAA
IP
ASN #39572 DataWeb Global Group B.V.
File type ASCII text, with no line terminators
Hash 132d6af1b46048b45cf86cdee7991d31
eb7007d03d59b65bc6da7e098c4d38fc6dfb6285
ab852e838deccd742a03ca81d4a8d75cf1a00b327db3eaf46bd7da6b6db9384c
Analyzer Verdict Alert quad9 Sinkholed
GET /impr.gif?sid=H4sIAAAAAAAC%2F1SSz2skRRTHqzdzED2Isgiih1FYUZBJ9%2FyOe1iMMRKMybqr6E3q10zKVHc1VdXTk5yiC7IHD3PwoqfOd5INrmHRP8CgkwWRgJC55bDx7Hlh0ZMyY3DcB93v%2B%2Br7Dp%2F3qr7Yzc5JiIyeLb1ntpXWdL5RCcuvfhxFV8urKsn65X67%2BUmzfrVse28sNCvha%2BV3JN8089UwCsMojMrLysqO6c9PTKj0cCGqLISVerUSNero28drlwVwNIDonZNnocS4dD%2B4DMVHSOLvl6Tb9CZ9%2Fe0409Qbi544%2BDDZTEyeIJ7Jjg3QSQ4uumHc6fIRTLI%2FxYXp%2FdfI1JgEvxyBJQcXkGC9vSkn05AJmHgKeW8EqUdQdARubkGJUwJwgbV1JPGdNWNzuvWvSyfumJQePYTKx6T04DKS%2BN6iVv3yTaMzr0zi0O8UUP0RVHeENDuG374ElR%2BD%2B8%2BhxG9k%2FtEqknhv3WkDJYrp7EqNoDojaDkAdQGyyacCZJ0AWRogFmdlHkVRKxSchu0FzmuiJVlThBFtdSIahc02Mj7BG8CnA3A9ALc7SO0ONtUANvsJbqOAEwGcH5Pg%2FR30RIFcEuSOIKcEuSLIPUHeK%2FaFdlVX3BHaZSy6yNWLXCuGxnd36b7xXZmQ3fScPDPdy99X1rApz8rtFquF9UZLyJaUYZPXI16t12uUVWVDRvU2nCqg3KXpqNtqTJ77%2BQWkakxK63%2BB0WM4fQyu5kCzCDQftqoh6Maw3g6xnZy9tGFyb3KrvPQbyvqtjurJCtOm61LjK9zEEKZA6kvwW8GuPifPT%2BnKV76E5CfX7r54%2BET0yh%2FgtkBqC3yq7hN09e3hDZOTvRsmd%2BSH9dSrWG3TyY3e9NTLubvvyq3cWLGy5AbfvsknxkQefiCdX6WJUEnXke8WlRDSLhvLJflxxX0k2fXMbSxmNsnS1etvLa%2FEqZXOKZOMQNXp%2Bp%2Fgk7E%2FO5o%2B1afH96DsCDYrEGcn5CKgzDF4ugOXzuidmYPVsx6WziHPiqGtstmhVgRazmrKCrj%2F1Wymd91tdG0V1N9CEhfo2QI9XYDqAVz25NCn9uTar19P4hswXRoybUt7TFv91Zi8PPf75PdguuSJOodTZ%2BVaKFpMdmSLyXqj3pFcsEaDhbzDWU202xzejXn1YfAPAAAA%2F%2F8BAAD%2F%2F001xYeEBAAA HTTP/1.1
Host: burlydeclined.com
User-Agent: Mozilla/5.0 (X11; Linux x86_64; rv:96.0) Gecko/20100101 Firefox/96.0
Accept: image/avif,image/webp,*/*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
Connection: keep-alive
Referer: https://sampsonfornor.blogspot.com/
Cookie: u_pl=16721230; pdhtkv=true; uncs=1; pdhtkv49=true; uncs49=1; nlec87b30457de7ee06c41c2443ab2e5e148=[2229215,2229213,2106764,2229214]
Sec-Fetch-Dest: image
Sec-Fetch-Mode: no-cors
Sec-Fetch-Site: cross-site
HTTP/1.1 200 OK
Server: nginx/1.17.6
Date: Tue, 27 Sep 2022 12:56:34 GMT
Content-Type: image/gif
Content-Length: 7
Connection: keep-alive
P3P: CP="IDC DSP COR ADM DEVi TAIi PSA PSD IVAi IVDi CONi HIS OUR IND CNT"
Accept-CH: Device-Stock-UA,Sec-CH-UA-Full-Version-ListSec-CH-UA-MobileSec-CH-UA-Platform,Sec-CH-UA-Mobile,Sec-CH-UA-Platform,Sec-CH-UA-PlatformSec-CH-UA-ModelSec-CH-UA-Mobile,Sec-CH-UA-PlatformSec-CH-UA-Platform-Version,Sec-CH-UASec-CH-UA-MobileSec-CH-UA-Platform,User-Agent,X-Device-User-Agent,X-OperaMini-Phone-UA,X-UCBrowser-Device-UA
Expires: Thu, 01 Jan 1970 00:00:01 GMT
Cache-Control: no-cache
X-Request-ID: 0c5b856213942c2432be05bf9000359e
Strict-Transport-Security: max-age=0; includeSubdomains
burlydeclined.com/ren.gif?sid=H4sIAAAAAAAC%2F1SSwWskxRfHqzdz%2BPHzorIIoodRWFGQSXfPZGbiHhbXNRKMybqr6E2qq2omZaq7mqrq7klO0YVlDx7m4EVPne8kG1yD6B9g0MmCSFDI3HLYePa8sOhJ6dng6IPu91593%2BHzvlW3d7Iz4iOjp9fe0VtSKTq%2F0PDrL38YBJfrKzLJBvVBt%2F1Ru3W5bvLXFtsN%2F5X6W4Jt6PnQD3w%2F8IP6kjSipwfzlQiZHiwGjUW%2F0QobwUILA%2FPf3mYeLPXA8zPyNCSf1O57FyHZGEn87TVhN5xOX30zzhR12iDn%2B%2B8nG4kuEsSzsmc89JL982loe7J0CJ3sTXGh838GIzkh3k%2BHiJL9c0hE%2Be6UM1IQCSL%2BBIp8DKHGkHQMpm9B8hMCMI7VNSTx3VVtCrr5WKWVOiG1Rw8hiwmpPbiIJP7mqpKD%2Bk2tMid1YjHolZCDMWR%2FjDQ7gtu6AFkcgblPIfmvZP7RCpJ4d80qDcnL6e5SjiF7YygxBLUesuqTHrKehyz1EPPTOguCoONzRv3uImNN3hFRm%2FsB7fQCGvjtLjJW4Q3h0iGYGoKZbaRmGxtyCJP9ALtewnIP1k2I9%2B42cl6iEASFJSgoQSEJCkdQ5OUeVza05V2ubBYF5zk8z81ypF1%2Fh%2B5p1xcJ2UnPyFNTX%2F66tIoNcVrvdqKm31rocNERwm%2BzVsDCVqtJo1AsiKDVhZUlpL0wXXVLTsgzPz6HVE5Ibe1PRPQIVh2ByTnQLAAtRp3QB10ftbo%2BtpLTF9Z14XRhpBNuXRq32ZO5aERK922qXYPpGFyXSF0NbtPbUWfk2Sndi3NnEOz4yr3nD%2F4XvPQ7mCmRmhIfy%2FsEfXVndEMXZPeGLiz5bi11MpZbtLrRm446MXfvbbFZaMOXr9nhV6%2BzSqjKg%2FeEdSs04TLpW%2FL1Vcm5MEvaMEG%2BX7YfiOh6ZtevZibJ0pXrbywtx6kR1kqdjEHlydofYNXanxxOn%2BqTv9yGNGOYrEScHZPzgNRHYOk2bDqjt3oORs1morSGIitHJoxmh0oSKDHraVTC%2FquPZvWOvYO%2BCUHdLSRxidyUyFUJqoaw2f9HLjXHV37%2BooovEanaKFKmthspoz6vrP2t%2Bj2YkPqlzx47beVpvdNs%2BrS9uBB0OlR0olbY7bUDTmnYaoftNm3C2QkLH3p%2FAwAA%2F%2F8BAAD%2F%2F%2B5XEQKEBAAA
200 OK 7 B URL HTTP/1.1 burlydeclined.com/ren.gif?sid=H4sIAAAAAAAC%2F1SSwWskxRfHqzdz%2BPHzorIIoodRWFGQSXfPZGbiHhbXNRKMybqr6E2qq2omZaq7mqrq7klO0YVlDx7m4EVPne8kG1yD6B9g0MmCSFDI3HLYePa8sOhJ6dng6IPu91593%2BHzvlW3d7Iz4iOjp9fe0VtSKTq%2F0PDrL38YBJfrKzLJBvVBt%2F1Ru3W5bvLXFtsN%2F5X6W4Jt6PnQD3w%2F8IP6kjSipwfzlQiZHiwGjUW%2F0QobwUILA%2FPf3mYeLPXA8zPyNCSf1O57FyHZGEn87TVhN5xOX30zzhR12iDn%2B%2B8nG4kuEsSzsmc89JL982loe7J0CJ3sTXGh838GIzkh3k%2BHiJL9c0hE%2Be6UM1IQCSL%2BBIp8DKHGkHQMpm9B8hMCMI7VNSTx3VVtCrr5WKWVOiG1Rw8hiwmpPbiIJP7mqpKD%2Bk2tMid1YjHolZCDMWR%2FjDQ7gtu6AFkcgblPIfmvZP7RCpJ4d80qDcnL6e5SjiF7YygxBLUesuqTHrKehyz1EPPTOguCoONzRv3uImNN3hFRm%2FsB7fQCGvjtLjJW4Q3h0iGYGoKZbaRmGxtyCJP9ALtewnIP1k2I9%2B42cl6iEASFJSgoQSEJCkdQ5OUeVza05V2ubBYF5zk8z81ypF1%2Fh%2B5p1xcJ2UnPyFNTX%2F66tIoNcVrvdqKm31rocNERwm%2BzVsDCVqtJo1AsiKDVhZUlpL0wXXVLTsgzPz6HVE5Ibe1PRPQIVh2ByTnQLAAtRp3QB10ftbo%2BtpLTF9Z14XRhpBNuXRq32ZO5aERK922qXYPpGFyXSF0NbtPbUWfk2Sndi3NnEOz4yr3nD%2F4XvPQ7mCmRmhIfy%2FsEfXVndEMXZPeGLiz5bi11MpZbtLrRm446MXfvbbFZaMOXr9nhV6%2BzSqjKg%2FeEdSs04TLpW%2FL1Vcm5MEvaMEG%2BX7YfiOh6ZtevZibJ0pXrbywtx6kR1kqdjEHlydofYNXanxxOn%2BqTv9yGNGOYrEScHZPzgNRHYOk2bDqjt3oORs1morSGIitHJoxmh0oSKDHraVTC%2FquPZvWOvYO%2BCUHdLSRxidyUyFUJqoaw2f9HLjXHV37%2BooovEanaKFKmthspoz6vrP2t%2Bj2YkPqlzx47beVpvdNs%2BrS9uBB0OlR0olbY7bUDTmnYaoftNm3C2QkLH3p%2FAwAA%2F%2F8BAAD%2F%2F%2B5XEQKEBAAA
IP
ASN #39572 DataWeb Global Group B.V.
File type ASCII text, with no line terminators
Hash 132d6af1b46048b45cf86cdee7991d31
eb7007d03d59b65bc6da7e098c4d38fc6dfb6285
ab852e838deccd742a03ca81d4a8d75cf1a00b327db3eaf46bd7da6b6db9384c
Analyzer Verdict Alert quad9 Sinkholed
GET /ren.gif?sid=H4sIAAAAAAAC%2F1SSwWskxRfHqzdz%2BPHzorIIoodRWFGQSXfPZGbiHhbXNRKMybqr6E2qq2omZaq7mqrq7klO0YVlDx7m4EVPne8kG1yD6B9g0MmCSFDI3HLYePa8sOhJ6dng6IPu91593%2BHzvlW3d7Iz4iOjp9fe0VtSKTq%2F0PDrL38YBJfrKzLJBvVBt%2F1Ru3W5bvLXFtsN%2F5X6W4Jt6PnQD3w%2F8IP6kjSipwfzlQiZHiwGjUW%2F0QobwUILA%2FPf3mYeLPXA8zPyNCSf1O57FyHZGEn87TVhN5xOX30zzhR12iDn%2B%2B8nG4kuEsSzsmc89JL982loe7J0CJ3sTXGh838GIzkh3k%2BHiJL9c0hE%2Be6UM1IQCSL%2BBIp8DKHGkHQMpm9B8hMCMI7VNSTx3VVtCrr5WKWVOiG1Rw8hiwmpPbiIJP7mqpKD%2Bk2tMid1YjHolZCDMWR%2FjDQ7gtu6AFkcgblPIfmvZP7RCpJ4d80qDcnL6e5SjiF7YygxBLUesuqTHrKehyz1EPPTOguCoONzRv3uImNN3hFRm%2FsB7fQCGvjtLjJW4Q3h0iGYGoKZbaRmGxtyCJP9ALtewnIP1k2I9%2B42cl6iEASFJSgoQSEJCkdQ5OUeVza05V2ubBYF5zk8z81ypF1%2Fh%2B5p1xcJ2UnPyFNTX%2F66tIoNcVrvdqKm31rocNERwm%2BzVsDCVqtJo1AsiKDVhZUlpL0wXXVLTsgzPz6HVE5Ibe1PRPQIVh2ByTnQLAAtRp3QB10ftbo%2BtpLTF9Z14XRhpBNuXRq32ZO5aERK922qXYPpGFyXSF0NbtPbUWfk2Sndi3NnEOz4yr3nD%2F4XvPQ7mCmRmhIfy%2FsEfXVndEMXZPeGLiz5bi11MpZbtLrRm446MXfvbbFZaMOXr9nhV6%2BzSqjKg%2FeEdSs04TLpW%2FL1Vcm5MEvaMEG%2BX7YfiOh6ZtevZibJ0pXrbywtx6kR1kqdjEHlydofYNXanxxOn%2BqTv9yGNGOYrEScHZPzgNRHYOk2bDqjt3oORs1morSGIitHJoxmh0oSKDHraVTC%2FquPZvWOvYO%2BCUHdLSRxidyUyFUJqoaw2f9HLjXHV37%2BooovEanaKFKmthspoz6vrP2t%2Bj2YkPqlzx47beVpvdNs%2BrS9uBB0OlR0olbY7bUDTmnYaoftNm3C2QkLH3p%2FAwAA%2F%2F8BAAD%2F%2F%2B5XEQKEBAAA HTTP/1.1
Host: burlydeclined.com
User-Agent: Mozilla/5.0 (X11; Linux x86_64; rv:96.0) Gecko/20100101 Firefox/96.0
Accept: image/avif,image/webp,*/*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
Connection: keep-alive
Referer: https://sampsonfornor.blogspot.com/
Cookie: u_pl=16721230; pdhtkv=true; uncs=1; pdhtkv49=true; uncs49=1; nlec87b30457de7ee06c41c2443ab2e5e148=[2229215,2229213,2106764,2229214]
Sec-Fetch-Dest: image
Sec-Fetch-Mode: no-cors
Sec-Fetch-Site: cross-site
HTTP/1.1 200 OK
Server: nginx/1.17.6
Date: Tue, 27 Sep 2022 12:56:34 GMT
Content-Type: image/gif
Content-Length: 7
Connection: keep-alive
P3P: CP="IDC DSP COR ADM DEVi TAIi PSA PSD IVAi IVDi CONi HIS OUR IND CNT"
Accept-CH: Device-Stock-UA,Sec-CH-UA-Full-Version-ListSec-CH-UA-MobileSec-CH-UA-Platform,Sec-CH-UA-Mobile,Sec-CH-UA-Platform,Sec-CH-UA-PlatformSec-CH-UA-ModelSec-CH-UA-Mobile,Sec-CH-UA-PlatformSec-CH-UA-Platform-Version,Sec-CH-UASec-CH-UA-MobileSec-CH-UA-Platform,User-Agent,X-Device-User-Agent,X-OperaMini-Phone-UA,X-UCBrowser-Device-UA
Expires: Thu, 01 Jan 1970 00:00:01 GMT
Cache-Control: no-cache
X-Request-ID: 403dbfcbeb3ea0f5bcf6f6a61882b4a5
Strict-Transport-Security: max-age=0; includeSubdomains
kazanwhoeveryowl.com/sbar.json?key=44035c191f4c0ed7ba5fb93f9738442c&uuid=3b3fd329-3f72-419c-b7aa-78559d632125%3A1%3A1
200 OK 4.1 kB URL HTTP/1.1 kazanwhoeveryowl.com/sbar.json?key=44035c191f4c0ed7ba5fb93f9738442c&uuid=3b3fd329-3f72-419c-b7aa-78559d632125%3A1%3A1
IP
File type JSON data\012- , ASCII text, with very long lines (5773), with no line terminators
Hash a908c684ee4321f1a30664a1f9acd856
f59d026b3eda0873b87aae7d914bed44bb1f010b
6da7253cc7951176dbf795e3ca71bd160616354b165a53f0175a85fbf17831f3
Analyzer Verdict Alert quad9 Sinkholed
GET /sbar.json?key=44035c191f4c0ed7ba5fb93f9738442c&uuid=3b3fd329-3f72-419c-b7aa-78559d632125%3A1%3A1 HTTP/1.1
Host: kazanwhoeveryowl.com
User-Agent: Mozilla/5.0 (X11; Linux x86_64; rv:96.0) Gecko/20100101 Firefox/96.0
Accept: */*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
Origin: https://sampsonfornor.blogspot.com
Connection: keep-alive
Referer: https://sampsonfornor.blogspot.com/
Sec-Fetch-Dest: empty
Sec-Fetch-Mode: cors
Sec-Fetch-Site: cross-site
HTTP/1.1 200 OK
Server: nginx/1.19.5
Date: Tue, 27 Sep 2022 12:56:34 GMT
Content-Type: text/plain; charset=utf-8
Transfer-Encoding: chunked
Connection: keep-alive
P3P: CP="IDC DSP COR ADM DEVi TAIi PSA PSD IVAi IVDi CONi HIS OUR IND CNT"
Accept-CH: Device-Stock-UA,Sec-CH-UA-Full-Version-ListSec-CH-UA-MobileSec-CH-UA-Platform,Sec-CH-UA-Mobile,Sec-CH-UA-Platform,Sec-CH-UA-PlatformSec-CH-UA-ModelSec-CH-UA-Mobile,Sec-CH-UA-PlatformSec-CH-UA-Platform-Version,Sec-CH-UASec-CH-UA-MobileSec-CH-UA-Platform,User-Agent,X-Device-User-Agent,X-OperaMini-Phone-UA,X-UCBrowser-Device-UA
Custom-Referer: https://sampsonfornor.blogspot.com
Access-Control-Allow-Origin: https://sampsonfornor.blogspot.com
Access-Control-Allow-Credentials: true
Set-Cookie: u_pl=16598140; expires=Wed, 28 Sep 2022 12:56:34 GMT; secure; SameSite=None
uid_id2=3b3fd329-3f72-419c-b7aa-78559d632125:1:1; expires=Tue, 04 Oct 2022 12:56:34 GMT; secure; SameSite=None
pdhtkv=true; expires=Wed, 28 Sep 2022 12:56:34 GMT; secure; SameSite=None
uncs=1; expires=Wed, 28 Sep 2022 12:56:34 GMT; secure; SameSite=None
pdhtkv29=true; expires=Wed, 28 Sep 2022 12:56:34 GMT; secure; SameSite=None
uncs29=1; expires=Wed, 28 Sep 2022 12:56:34 GMT; secure; SameSite=None
slec44035c191f4c0ed7ba5fb93f9738442c=[3364903]; expires=Tue, 27 Sep 2022 12:56:39 GMT; secure; SameSite=None
Expires: Thu, 01 Jan 1970 00:00:01 GMT
Cache-Control: no-cache
X-Request-ID: 8fdaa4619c8dace3f950066f10c2f906
Strict-Transport-Security: max-age=0; includeSubdomains
Content-Encoding: gzip
burlydeclined.com/65/aa/28/65aa283021630dfd9030555c4c61a78c.js
200 OK 29 kB URL HTTP/1.1 burlydeclined.com/65/aa/28/65aa283021630dfd9030555c4c61a78c.js
IP
ASN #39572 DataWeb Global Group B.V.
File type HTML document text\012- HTML document text\012- HTML document, ASCII text, with very long lines (65536), with no line terminators
Hash d3115b2de8763d321c1aceef8a64ef62
ba66f1fa40053f0efb3bbb90e664ba20ae161723
3585675a5f47c867150ec0ce0e380fa6fb41797267931dec0de4de338b5fd8f4
Analyzer Verdict Alert quad9 Sinkholed
GET /65/aa/28/65aa283021630dfd9030555c4c61a78c.js HTTP/1.1
Host: burlydeclined.com
User-Agent: Mozilla/5.0 (X11; Linux x86_64; rv:96.0) Gecko/20100101 Firefox/96.0
Accept: */*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
Connection: keep-alive
Referer: https://sampsonfornor.blogspot.com/
Cookie: u_pl=16721230; pdhtkv=true; uncs=1; pdhtkv49=true; uncs49=1; nlec87b30457de7ee06c41c2443ab2e5e148=[2229215,2229213,2106764,2229214]
Sec-Fetch-Dest: script
Sec-Fetch-Mode: no-cors
Sec-Fetch-Site: cross-site
HTTP/1.1 200 OK
Server: nginx/1.17.6
Date: Tue, 27 Sep 2022 12:56:34 GMT
Content-Type: application/javascript
Transfer-Encoding: chunked
Connection: keep-alive
P3P: CP="IDC DSP COR ADM DEVi TAIi PSA PSD IVAi IVDi CONi HIS OUR IND CNT"
Access-Control-Allow-Origin: *
Accept-CH: Device-Stock-UA,Sec-CH-UA-Full-Version-ListSec-CH-UA-MobileSec-CH-UA-Platform,Sec-CH-UA-Mobile,Sec-CH-UA-Platform,Sec-CH-UA-PlatformSec-CH-UA-ModelSec-CH-UA-Mobile,Sec-CH-UA-PlatformSec-CH-UA-Platform-Version,Sec-CH-UASec-CH-UA-MobileSec-CH-UA-Platform,User-Agent,X-Device-User-Agent,X-OperaMini-Phone-UA,X-UCBrowser-Device-UA
Expires: Thu, 01 Jan 1970 00:00:01 GMT
Cache-Control: no-cache
X-Request-ID: 9a802698b80462de5fa080403032a77b
Strict-Transport-Security: max-age=0; includeSubdomains
Content-Encoding: gzip
burlydeclined.com/impr.gif?sid=H4sIAAAAAAAC%2F1SSz2skxRvGqzdz%2BPL1orIIoodRWFGQSff8jntYjDESjMm6q%2BhN6tdMylR3NVXV05OcogvLHjzMwYueOs8kG1yD6B9g0MmCSFDI3HLYePa8sOhJmdng6Avd7%2FvW8x4%2B71N1ezc7JyEyerb0jtlWWtP5RiUsv%2FxhFF0tr6ok65f77eZHzfrVsu29ttCshK%2BU35J808xXwygMozAqLysrO6Y%2FPxGh0sOFqLIQVurVStSoo2%2F%2F27ssgKMBRO%2BcPA0lxqX7wWUoPkISf7sk3aY36atvxpmm3lj0xMH7yWZi8gTxrOzYAJ3k4GIaxp0uH8Ek%2B1NcmN4%2Fg0yNSfDTEVhycAEJ1tubcjINmYCJJ5D3RpB6BEVH4OYWlDglABdYW0cS310zNqdbj1U6Ucek9OghVD4mpQeXkcTfLGrVL980OvPKJA79TgHVH0F1R0izY%2FjtS1D5Mbj%2FFEr8SuYfrSKJ99adNlCimO6u1AiqM4KWA1AXIJt8KkDWCZClAWJxVuZRFLVCwWnYXuC8JlqSNUUY0VYnolHYbCPjE7wBfDoA1wNwu4PU7mBTDWCzH%2BA2CjgRwPkxCd7dQU8UyCVB7ghySpArgtwT5L1iX2hXdcVdoV3Gootcvci1Ymh8d5fuG9%2BVCdlNz8lTU1%2F%2BurKGTXlWbrdYLaw3WkK2pAybvB7xar1eo6wqGzKqt%2BFUAeUuTVfdVmPyzI%2FPIVVjUlr%2FE4wew%2BljcDUHmkWg%2BbBVDUE3hvV2iO3k7IUNk3uTW%2BWl31DWb3VUT1aYNl2XGl%2FhJoYwBVJfgt8KdvU5eXZK9%2BLcOSQ%2FuXbv%2BcP%2FRS%2F9Dm4LpLbAx%2Bo%2BQVffGd4wOdm7YXJHvltPvYrVNp3c6E1PvZy797bcyo0VK0tu8NXrfCJMysP3pPOrNBEq6Try9aISQtplY7kk36%2B4DyS7nrmNxcwmWbp6%2FY3llTi10jllkhGoOl3%2FA3yy9idH06f65C%2B3oewINisQZyfkIqDMMXi6A5fO6J2Zg9WzGZaWkGfF0FbZ7FArAi1nPWUF3L96Nqt33R10bRXU30ISF%2BjZAj1dgOoBXPb%2FoU%2FtybWfv5jEl2C6NGTalvaYtvrzibW%2FTX4PxqR85bPHTjt1Vq6FosVkR7aYrDfqHckFazRYyDuc1US7zeHdmFcfBn8DAAD%2F%2FwEAAP%2F%2FboPE6oQEAAA%3D
200 OK 7 B URL HTTP/1.1 burlydeclined.com/impr.gif?sid=H4sIAAAAAAAC%2F1SSz2skxRvGqzdz%2BPL1orIIoodRWFGQSff8jntYjDESjMm6q%2BhN6tdMylR3NVXV05OcogvLHjzMwYueOs8kG1yD6B9g0MmCSFDI3HLYePa8sOhJmdng6Avd7%2FvW8x4%2B71N1ezc7JyEyerb0jtlWWtP5RiUsv%2FxhFF0tr6ok65f77eZHzfrVsu29ttCshK%2BU35J808xXwygMozAqLysrO6Y%2FPxGh0sOFqLIQVurVStSoo2%2F%2F27ssgKMBRO%2BcPA0lxqX7wWUoPkISf7sk3aY36atvxpmm3lj0xMH7yWZi8gTxrOzYAJ3k4GIaxp0uH8Ek%2B1NcmN4%2Fg0yNSfDTEVhycAEJ1tubcjINmYCJJ5D3RpB6BEVH4OYWlDglABdYW0cS310zNqdbj1U6Ucek9OghVD4mpQeXkcTfLGrVL980OvPKJA79TgHVH0F1R0izY%2FjtS1D5Mbj%2FFEr8SuYfrSKJ99adNlCimO6u1AiqM4KWA1AXIJt8KkDWCZClAWJxVuZRFLVCwWnYXuC8JlqSNUUY0VYnolHYbCPjE7wBfDoA1wNwu4PU7mBTDWCzH%2BA2CjgRwPkxCd7dQU8UyCVB7ghySpArgtwT5L1iX2hXdcVdoV3Gootcvci1Ymh8d5fuG9%2BVCdlNz8lTU1%2F%2BurKGTXlWbrdYLaw3WkK2pAybvB7xar1eo6wqGzKqt%2BFUAeUuTVfdVmPyzI%2FPIVVjUlr%2FE4wew%2BljcDUHmkWg%2BbBVDUE3hvV2iO3k7IUNk3uTW%2BWl31DWb3VUT1aYNl2XGl%2FhJoYwBVJfgt8KdvU5eXZK9%2BLcOSQ%2FuXbv%2BcP%2FRS%2F9Dm4LpLbAx%2Bo%2BQVffGd4wOdm7YXJHvltPvYrVNp3c6E1PvZy797bcyo0VK0tu8NXrfCJMysP3pPOrNBEq6Try9aISQtplY7kk36%2B4DyS7nrmNxcwmWbp6%2FY3llTi10jllkhGoOl3%2FA3yy9idH06f65C%2B3oewINisQZyfkIqDMMXi6A5fO6J2Zg9WzGZaWkGfF0FbZ7FArAi1nPWUF3L96Nqt33R10bRXU30ISF%2BjZAj1dgOoBXPb%2FoU%2FtybWfv5jEl2C6NGTalvaYtvrzibW%2FTX4PxqR85bPHTjt1Vq6FosVkR7aYrDfqHckFazRYyDuc1US7zeHdmFcfBn8DAAD%2F%2FwEAAP%2F%2FboPE6oQEAAA%3D
IP
ASN #39572 DataWeb Global Group B.V.
File type ASCII text, with no line terminators
Hash 132d6af1b46048b45cf86cdee7991d31
eb7007d03d59b65bc6da7e098c4d38fc6dfb6285
ab852e838deccd742a03ca81d4a8d75cf1a00b327db3eaf46bd7da6b6db9384c
Analyzer Verdict Alert quad9 Sinkholed
GET /impr.gif?sid=H4sIAAAAAAAC%2F1SSz2skxRvGqzdz%2BPL1orIIoodRWFGQSff8jntYjDESjMm6q%2BhN6tdMylR3NVXV05OcogvLHjzMwYueOs8kG1yD6B9g0MmCSFDI3HLYePa8sOhJmdng6Avd7%2FvW8x4%2B71N1ezc7JyEyerb0jtlWWtP5RiUsv%2FxhFF0tr6ok65f77eZHzfrVsu29ttCshK%2BU35J808xXwygMozAqLysrO6Y%2FPxGh0sOFqLIQVurVStSoo2%2F%2F27ssgKMBRO%2BcPA0lxqX7wWUoPkISf7sk3aY36atvxpmm3lj0xMH7yWZi8gTxrOzYAJ3k4GIaxp0uH8Ek%2B1NcmN4%2Fg0yNSfDTEVhycAEJ1tubcjINmYCJJ5D3RpB6BEVH4OYWlDglABdYW0cS310zNqdbj1U6Ucek9OghVD4mpQeXkcTfLGrVL980OvPKJA79TgHVH0F1R0izY%2FjtS1D5Mbj%2FFEr8SuYfrSKJ99adNlCimO6u1AiqM4KWA1AXIJt8KkDWCZClAWJxVuZRFLVCwWnYXuC8JlqSNUUY0VYnolHYbCPjE7wBfDoA1wNwu4PU7mBTDWCzH%2BA2CjgRwPkxCd7dQU8UyCVB7ghySpArgtwT5L1iX2hXdcVdoV3Gootcvci1Ymh8d5fuG9%2BVCdlNz8lTU1%2F%2BurKGTXlWbrdYLaw3WkK2pAybvB7xar1eo6wqGzKqt%2BFUAeUuTVfdVmPyzI%2FPIVVjUlr%2FE4wew%2BljcDUHmkWg%2BbBVDUE3hvV2iO3k7IUNk3uTW%2BWl31DWb3VUT1aYNl2XGl%2FhJoYwBVJfgt8KdvU5eXZK9%2BLcOSQ%2FuXbv%2BcP%2FRS%2F9Dm4LpLbAx%2Bo%2BQVffGd4wOdm7YXJHvltPvYrVNp3c6E1PvZy797bcyo0VK0tu8NXrfCJMysP3pPOrNBEq6Try9aISQtplY7kk36%2B4DyS7nrmNxcwmWbp6%2FY3llTi10jllkhGoOl3%2FA3yy9idH06f65C%2B3oewINisQZyfkIqDMMXi6A5fO6J2Zg9WzGZaWkGfF0FbZ7FArAi1nPWUF3L96Nqt33R10bRXU30ISF%2BjZAj1dgOoBXPb%2FoU%2FtybWfv5jEl2C6NGTalvaYtvrzibW%2FTX4PxqR85bPHTjt1Vq6FosVkR7aYrDfqHckFazRYyDuc1US7zeHdmFcfBn8DAAD%2F%2FwEAAP%2F%2FboPE6oQEAAA%3D HTTP/1.1
Host: burlydeclined.com
User-Agent: Mozilla/5.0 (X11; Linux x86_64; rv:96.0) Gecko/20100101 Firefox/96.0
Accept: image/avif,image/webp,*/*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
Connection: keep-alive
Referer: https://sampsonfornor.blogspot.com/
Cookie: u_pl=16721230; pdhtkv=true; uncs=1; pdhtkv49=true; uncs49=1; nlec87b30457de7ee06c41c2443ab2e5e148=[2229215,2229213,2106764,2229214]
Sec-Fetch-Dest: image
Sec-Fetch-Mode: no-cors
Sec-Fetch-Site: cross-site
HTTP/1.1 200 OK
Server: nginx/1.17.6
Date: Tue, 27 Sep 2022 12:56:34 GMT
Content-Type: image/gif
Content-Length: 7
Connection: keep-alive
P3P: CP="IDC DSP COR ADM DEVi TAIi PSA PSD IVAi IVDi CONi HIS OUR IND CNT"
Accept-CH: Device-Stock-UA,Sec-CH-UA-Full-Version-ListSec-CH-UA-MobileSec-CH-UA-Platform,Sec-CH-UA-Mobile,Sec-CH-UA-Platform,Sec-CH-UA-PlatformSec-CH-UA-ModelSec-CH-UA-Mobile,Sec-CH-UA-PlatformSec-CH-UA-Platform-Version,Sec-CH-UASec-CH-UA-MobileSec-CH-UA-Platform,User-Agent,X-Device-User-Agent,X-OperaMini-Phone-UA,X-UCBrowser-Device-UA
Expires: Thu, 01 Jan 1970 00:00:01 GMT
Cache-Control: no-cache
X-Request-ID: 3ffde4fc7108db253e24037a799e17bc
Strict-Transport-Security: max-age=0; includeSubdomains
ocsp.digicert.com/
200 OK 278 B IP
Hash 4487788aac63064974871bf6a8ccde12
deaaebcaa91b93596f639ef233e38b44db9e1730
cc4b1de00c54747bd89eb52aa2a639c1f3067d06a8de1e66a17cefcf1e8af6bf
POST / HTTP/1.1
Host: ocsp.digicert.com
User-Agent: Mozilla/5.0 (X11; Linux x86_64; rv:96.0) Gecko/20100101 Firefox/96.0
Accept: */*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate
Content-Type: application/ocsp-request
Content-Length: 83
Connection: keep-alive
Pragma: no-cache
Cache-Control: no-cache
HTTP/1.1 200 OK
Accept-Ranges: bytes
Age: 4767
Cache-Control: 'max-age=158059'
Content-Type: application/ocsp-response
Date: Tue, 27 Sep 2022 12:56:34 GMT
Last-Modified: Tue, 27 Sep 2022 11:37:07 GMT
Server: ECS (ska/F711)
X-Cache: HIT
Content-Length: 278
e1.o.lencr.org/
200 OK 346 B IP
ASN #20940 Akamai International B.V.
Hash 0a077e10eaeb9460d25305c5a6f88b2c
997db28a300de40d2e836894fa2700a24634ad52
972f108ffcc2dcbe86234194232d2b540b7c1005035e6ebf52f50ee59ba1ed04
POST / HTTP/1.1
Host: e1.o.lencr.org
User-Agent: Mozilla/5.0 (X11; Linux x86_64; rv:96.0) Gecko/20100101 Firefox/96.0
Accept: */*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate
Content-Type: application/ocsp-request
Content-Length: 85
Connection: keep-alive
Pragma: no-cache
Cache-Control: no-cache
HTTP/1.1 200 OK
Server: nginx
Content-Type: application/ocsp-response
Content-Length: 346
ETag: "972F108FFCC2DCBE86234194232D2B540B7C1005035E6EBF52F50EE59BA1ED04"
Last-Modified: Mon, 26 Sep 2022 05:00:00 UTC
Cache-Control: public, no-transform, must-revalidate, max-age=4535
Expires: Tue, 27 Sep 2022 14:12:09 GMT
Date: Tue, 27 Sep 2022 12:56:34 GMT
Connection: keep-alive
kazanwhoeveryowl.com/ren.gif?sid=H4sIAAAAAAAC%2F1RSz4scRRitzu5B8KQEQUUZQVDBne1fMz1jDsG4rgQ32ZAo5qbVVd2z5VZ3NVXV07OLh2Aw5Dj%2BB71vdrNEgyh4NehsIIcFIeNpDu7%2FIIGAoCAzWRz9oPi%2BV%2B8d3veqbu2VJ8RFSadrl9SukJKutppu483rnneusSHyctAYdNqftsNzDd1%2Fp9tuum81PkjYtlr1Xc91PddrrAudpGqwOiMhintdr9l1m6Hf9FohBvr%2F2JQODHXA%2ByfkeQg%2BWX7gnIVgY%2BTZ92uJ2baqePv9rJTUKo0%2BP%2Fw4385VlSNbjKl2kOaHp2oo82j9PlR%2BMLcL1f9XGIsJcR7eR5wfnppE3N%2Bf%2B4wlkhwxfxZVf4xEjiHoGEzdhOCPCMA4Lm8iz%2B5cVrqiO09ZOmMnZPnJY4hqQpZ%2FP4s8%2B%2B6CFIPGNSVLK1RuMEhriMEYojdGUR7B7p6BqI7A7JcQ%2FFey%2BmQDeba%2FaaSC4NPXgzhIeeB3V4I08ldCr8tW4ojSlajTanV5O%2FA9vzUPSIgxRDqGTIagxkE5O8JBmTooCwcZnzaY53mRyxl1O13GAh4lcZu7Ho1Sj3puu4OSzXYYwhZDMDkE0zdQ6BvYFkPo8meYrRqGOzCWoM9rVAlBZQgqSlAJgsoSVP36gEvjm%2FoOl6aMvdPun%2FagHinb26MHyvaSnOwVJ%2BS5eXB%2Fr32B7WTaCEM3aDGv66UhcxMexbSVxt0g7UZBJwx9BiNqCHNmvuaumJAXfnkZhZiQ5c0%2FEdMjGHkEJpZAy1dAq1Hku6Bbo7DjYjefvralKqsqLWxit4S2O6noJ81Yqp4plG0ylYGrGoVdht1x9uQJeXHuLrj%2BBhJ2fP6z%2BNLkj7t%2Fgekaha7xuXhA0JO3R1dVRfavqsqQHzYLKzKxS2dPfs1Smyx982GyUynNL66Z4d132YyYjfc%2BSozdoDkXec%2BQby8IzhO9rjRLyE8XzSdJfKU0WxdKnZfFxpX31i9mhU6MESofg4oJIQ%2BPwcSEPPPjwfw3v%2FTVLQg9hi5rZOUxOS0IdQRW3IApFv6NWoKWC01cOKjKeqT9eHEpBYFMFpjGNcx%2FcLyY98xt9PSroPYm8qxGX9foyxpUDmHKpZEt9PH534J5IZbOKJba2Y%2Blll8%2FDdeIaSMKApe2uy0vimgSxaHfSdsep9QP2367TQNYM2H%2B4zP%2FAAAA%2F%2F8BAAD%2F%2Fzr6h%2B6YBAAA
200 OK 7 B URL HTTP/1.1 kazanwhoeveryowl.com/ren.gif?sid=H4sIAAAAAAAC%2F1RSz4scRRitzu5B8KQEQUUZQVDBne1fMz1jDsG4rgQ32ZAo5qbVVd2z5VZ3NVXV07OLh2Aw5Dj%2BB71vdrNEgyh4NehsIIcFIeNpDu7%2FIIGAoCAzWRz9oPi%2BV%2B8d3veqbu2VJ8RFSadrl9SukJKutppu483rnneusSHyctAYdNqftsNzDd1%2Fp9tuum81PkjYtlr1Xc91PddrrAudpGqwOiMhintdr9l1m6Hf9FohBvr%2F2JQODHXA%2ByfkeQg%2BWX7gnIVgY%2BTZ92uJ2baqePv9rJTUKo0%2BP%2Fw4385VlSNbjKl2kOaHp2oo82j9PlR%2BMLcL1f9XGIsJcR7eR5wfnppE3N%2Bf%2B4wlkhwxfxZVf4xEjiHoGEzdhOCPCMA4Lm8iz%2B5cVrqiO09ZOmMnZPnJY4hqQpZ%2FP4s8%2B%2B6CFIPGNSVLK1RuMEhriMEYojdGUR7B7p6BqI7A7JcQ%2FFey%2BmQDeba%2FaaSC4NPXgzhIeeB3V4I08ldCr8tW4ojSlajTanV5O%2FA9vzUPSIgxRDqGTIagxkE5O8JBmTooCwcZnzaY53mRyxl1O13GAh4lcZu7Ho1Sj3puu4OSzXYYwhZDMDkE0zdQ6BvYFkPo8meYrRqGOzCWoM9rVAlBZQgqSlAJgsoSVP36gEvjm%2FoOl6aMvdPun%2FagHinb26MHyvaSnOwVJ%2BS5eXB%2Fr32B7WTaCEM3aDGv66UhcxMexbSVxt0g7UZBJwx9BiNqCHNmvuaumJAXfnkZhZiQ5c0%2FEdMjGHkEJpZAy1dAq1Hku6Bbo7DjYjefvralKqsqLWxit4S2O6noJ81Yqp4plG0ylYGrGoVdht1x9uQJeXHuLrj%2BBhJ2fP6z%2BNLkj7t%2Fgekaha7xuXhA0JO3R1dVRfavqsqQHzYLKzKxS2dPfs1Smyx982GyUynNL66Z4d132YyYjfc%2BSozdoDkXec%2BQby8IzhO9rjRLyE8XzSdJfKU0WxdKnZfFxpX31i9mhU6MESofg4oJIQ%2BPwcSEPPPjwfw3v%2FTVLQg9hi5rZOUxOS0IdQRW3IApFv6NWoKWC01cOKjKeqT9eHEpBYFMFpjGNcx%2FcLyY98xt9PSroPYm8qxGX9foyxpUDmHKpZEt9PH534J5IZbOKJba2Y%2Blll8%2FDdeIaSMKApe2uy0vimgSxaHfSdsep9QP2367TQNYM2H%2B4zP%2FAAAA%2F%2F8BAAD%2F%2Fzr6h%2B6YBAAA
IP
File type ASCII text, with no line terminators
Hash 132d6af1b46048b45cf86cdee7991d31
eb7007d03d59b65bc6da7e098c4d38fc6dfb6285
ab852e838deccd742a03ca81d4a8d75cf1a00b327db3eaf46bd7da6b6db9384c
Analyzer Verdict Alert quad9 Sinkholed
GET /ren.gif?sid=H4sIAAAAAAAC%2F1RSz4scRRitzu5B8KQEQUUZQVDBne1fMz1jDsG4rgQ32ZAo5qbVVd2z5VZ3NVXV07OLh2Aw5Dj%2BB71vdrNEgyh4NehsIIcFIeNpDu7%2FIIGAoCAzWRz9oPi%2BV%2B8d3veqbu2VJ8RFSadrl9SukJKutppu483rnneusSHyctAYdNqftsNzDd1%2Fp9tuum81PkjYtlr1Xc91PddrrAudpGqwOiMhintdr9l1m6Hf9FohBvr%2F2JQODHXA%2ByfkeQg%2BWX7gnIVgY%2BTZ92uJ2baqePv9rJTUKo0%2BP%2Fw4385VlSNbjKl2kOaHp2oo82j9PlR%2BMLcL1f9XGIsJcR7eR5wfnppE3N%2Bf%2B4wlkhwxfxZVf4xEjiHoGEzdhOCPCMA4Lm8iz%2B5cVrqiO09ZOmMnZPnJY4hqQpZ%2FP4s8%2B%2B6CFIPGNSVLK1RuMEhriMEYojdGUR7B7p6BqI7A7JcQ%2FFey%2BmQDeba%2FaaSC4NPXgzhIeeB3V4I08ldCr8tW4ojSlajTanV5O%2FA9vzUPSIgxRDqGTIagxkE5O8JBmTooCwcZnzaY53mRyxl1O13GAh4lcZu7Ho1Sj3puu4OSzXYYwhZDMDkE0zdQ6BvYFkPo8meYrRqGOzCWoM9rVAlBZQgqSlAJgsoSVP36gEvjm%2FoOl6aMvdPun%2FagHinb26MHyvaSnOwVJ%2BS5eXB%2Fr32B7WTaCEM3aDGv66UhcxMexbSVxt0g7UZBJwx9BiNqCHNmvuaumJAXfnkZhZiQ5c0%2FEdMjGHkEJpZAy1dAq1Hku6Bbo7DjYjefvralKqsqLWxit4S2O6noJ81Yqp4plG0ylYGrGoVdht1x9uQJeXHuLrj%2BBhJ2fP6z%2BNLkj7t%2Fgekaha7xuXhA0JO3R1dVRfavqsqQHzYLKzKxS2dPfs1Smyx982GyUynNL66Z4d132YyYjfc%2BSozdoDkXec%2BQby8IzhO9rjRLyE8XzSdJfKU0WxdKnZfFxpX31i9mhU6MESofg4oJIQ%2BPwcSEPPPjwfw3v%2FTVLQg9hi5rZOUxOS0IdQRW3IApFv6NWoKWC01cOKjKeqT9eHEpBYFMFpjGNcx%2FcLyY98xt9PSroPYm8qxGX9foyxpUDmHKpZEt9PH534J5IZbOKJba2Y%2Blll8%2FDdeIaSMKApe2uy0vimgSxaHfSdsep9QP2367TQNYM2H%2B4zP%2FAAAA%2F%2F8BAAD%2F%2Fzr6h%2B6YBAAA HTTP/1.1
Host: kazanwhoeveryowl.com
User-Agent: Mozilla/5.0 (X11; Linux x86_64; rv:96.0) Gecko/20100101 Firefox/96.0
Accept: image/avif,image/webp,*/*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
Connection: keep-alive
Referer: https://sampsonfornor.blogspot.com/
Cookie: u_pl=16598140; uid_id2=3b3fd329-3f72-419c-b7aa-78559d632125:1:1; pdhtkv=true; uncs=1; pdhtkv29=true; uncs29=1; slec44035c191f4c0ed7ba5fb93f9738442c=[3364903]
Sec-Fetch-Dest: image
Sec-Fetch-Mode: no-cors
Sec-Fetch-Site: cross-site
HTTP/1.1 200 OK
Server: nginx/1.19.5
Date: Tue, 27 Sep 2022 12:56:34 GMT
Content-Type: image/gif
Content-Length: 7
Connection: keep-alive
P3P: CP="IDC DSP COR ADM DEVi TAIi PSA PSD IVAi IVDi CONi HIS OUR IND CNT"
Accept-CH: Device-Stock-UA,Sec-CH-UA-Full-Version-ListSec-CH-UA-MobileSec-CH-UA-Platform,Sec-CH-UA-Mobile,Sec-CH-UA-Platform,Sec-CH-UA-PlatformSec-CH-UA-ModelSec-CH-UA-Mobile,Sec-CH-UA-PlatformSec-CH-UA-Platform-Version,Sec-CH-UASec-CH-UA-MobileSec-CH-UA-Platform,User-Agent,X-Device-User-Agent,X-OperaMini-Phone-UA,X-UCBrowser-Device-UA
Expires: Thu, 01 Jan 1970 00:00:01 GMT
Cache-Control: no-cache
X-Request-ID: c65660366a27b26211707d783dcf252a
Strict-Transport-Security: max-age=0; includeSubdomains
e1.o.lencr.org/
200 OK 346 B IP
ASN #20940 Akamai International B.V.
Hash 0a077e10eaeb9460d25305c5a6f88b2c
997db28a300de40d2e836894fa2700a24634ad52
972f108ffcc2dcbe86234194232d2b540b7c1005035e6ebf52f50ee59ba1ed04
POST / HTTP/1.1
Host: e1.o.lencr.org
User-Agent: Mozilla/5.0 (X11; Linux x86_64; rv:96.0) Gecko/20100101 Firefox/96.0
Accept: */*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate
Content-Type: application/ocsp-request
Content-Length: 85
Connection: keep-alive
Pragma: no-cache
Cache-Control: no-cache
HTTP/1.1 200 OK
Server: nginx
Content-Type: application/ocsp-response
Content-Length: 346
ETag: "972F108FFCC2DCBE86234194232D2B540B7C1005035E6EBF52F50EE59BA1ED04"
Last-Modified: Mon, 26 Sep 2022 05:00:00 UTC
Cache-Control: public, no-transform, must-revalidate, max-age=4535
Expires: Tue, 27 Sep 2022 14:12:09 GMT
Date: Tue, 27 Sep 2022 12:56:34 GMT
Connection: keep-alive
r3.o.lencr.org/
200 OK 503 B IP
ASN #20940 Akamai International B.V.
Hash d7cb3481dd46647d06e18548fdcd12d7
07cda6cbf944285364b3960d830020edfd5f4e3f
50550ef7f7740af0116453d289f44b37199df7fa2cefec6dbe1af49b1ec77fed
POST / HTTP/1.1
Host: r3.o.lencr.org
User-Agent: Mozilla/5.0 (X11; Linux x86_64; rv:96.0) Gecko/20100101 Firefox/96.0
Accept: */*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate
Content-Type: application/ocsp-request
Content-Length: 85
Connection: keep-alive
Pragma: no-cache
Cache-Control: no-cache
HTTP/1.1 200 OK
Server: nginx
Content-Type: application/ocsp-response
Content-Length: 503
ETag: "50550EF7F7740AF0116453D289F44B37199DF7FA2CEFEC6DBE1AF49B1EC77FED"
Last-Modified: Mon, 26 Sep 2022 20:00:00 UTC
Cache-Control: public, no-transform, must-revalidate, max-age=4947
Expires: Tue, 27 Sep 2022 14:19:01 GMT
Date: Tue, 27 Sep 2022 12:56:34 GMT
Connection: keep-alive
e1.o.lencr.org/
200 OK 346 B IP
ASN #20940 Akamai International B.V.
Hash 8e1d1bdba60caa417a7fd246f892767e
896349dbd1f09d917b20b25653d656d555f7578b
9e0efd3fdb74064ce371b5457597d724ff875add6711267cf29d05bb0189b2fd
POST / HTTP/1.1
Host: e1.o.lencr.org
User-Agent: Mozilla/5.0 (X11; Linux x86_64; rv:96.0) Gecko/20100101 Firefox/96.0
Accept: */*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate
Content-Type: application/ocsp-request
Content-Length: 85
Connection: keep-alive
Pragma: no-cache
Cache-Control: no-cache
HTTP/1.1 200 OK
Server: nginx
Content-Type: application/ocsp-response
Content-Length: 346
ETag: "9E0EFD3FDB74064CE371B5457597D724FF875ADD6711267CF29D05BB0189B2FD"
Last-Modified: Mon, 26 Sep 2022 04:00:00 UTC
Cache-Control: public, no-transform, must-revalidate, max-age=1731
Expires: Tue, 27 Sep 2022 13:25:26 GMT
Date: Tue, 27 Sep 2022 12:56:35 GMT
Connection: keep-alive
e1.o.lencr.org/
200 OK 346 B IP
ASN #20940 Akamai International B.V.
Hash 8e1d1bdba60caa417a7fd246f892767e
896349dbd1f09d917b20b25653d656d555f7578b
9e0efd3fdb74064ce371b5457597d724ff875add6711267cf29d05bb0189b2fd
POST / HTTP/1.1
Host: e1.o.lencr.org
User-Agent: Mozilla/5.0 (X11; Linux x86_64; rv:96.0) Gecko/20100101 Firefox/96.0
Accept: */*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate
Content-Type: application/ocsp-request
Content-Length: 85
Connection: keep-alive
Pragma: no-cache
Cache-Control: no-cache
HTTP/1.1 200 OK
Server: nginx
Content-Type: application/ocsp-response
Content-Length: 346
ETag: "9E0EFD3FDB74064CE371B5457597D724FF875ADD6711267CF29D05BB0189B2FD"
Last-Modified: Mon, 26 Sep 2022 04:00:00 UTC
Cache-Control: public, no-transform, must-revalidate, max-age=1731
Expires: Tue, 27 Sep 2022 13:25:26 GMT
Date: Tue, 27 Sep 2022 12:56:35 GMT
Connection: keep-alive
reapinject.com/pixel/purst?dl=0&th=0&sc=0&rs=4222&rd=4222&fd=471&bv=22.8.v.2&tmpl=136
200 OK 0 B URL HTTP/1.1 reapinject.com/pixel/purst?dl=0&th=0&sc=0&rs=4222&rd=4222&fd=471&bv=22.8.v.2&tmpl=136
IP
ASN #39572 DataWeb Global Group B.V.
Hash d41d8cd98f00b204e9800998ecf8427e
da39a3ee5e6b4b0d3255bfef95601890afd80709
e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855
Analyzer Verdict Alert quad9 Sinkholed
GET /pixel/purst?dl=0&th=0&sc=0&rs=4222&rd=4222&fd=471&bv=22.8.v.2&tmpl=136 HTTP/1.1
Host: reapinject.com
User-Agent: Mozilla/5.0 (X11; Linux x86_64; rv:96.0) Gecko/20100101 Firefox/96.0
Accept: image/avif,image/webp,*/*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
Connection: keep-alive
Referer: https://sampsonfornor.blogspot.com/
Sec-Fetch-Dest: image
Sec-Fetch-Mode: no-cors
Sec-Fetch-Site: cross-site
HTTP/1.1 200 OK
Server: nginx/1.22.0
Date: Tue, 27 Sep 2022 12:56:35 GMT
Content-Length: 0
Connection: keep-alive
Expires: Thu, 01 Jan 1970 00:00:01 GMT
Cache-Control: no-cache
Access-Control-Allow-Origin: *
Access-Control-Allow-Methods: GET, POST, OPTIONS
Access-Control-Allow-Headers: DNT,User-Agent,X-Requested-With,If-Modified-Since,Cache-Control,Content-Type,Range,Upgrade-Insecure-Requests
Access-Control-Expose-Headers: Content-Length,Content-Range
cdn.yourwebbars.com/sb/notifications/utility/default/us/blog/Progamerage/flip_icon/16/index.html
200 OK 427 B URL HTTP/2 cdn.yourwebbars.com/sb/notifications/utility/default/us/blog/Progamerage/flip_icon/16/index.html
IP
File type HTML document text\012- HTML document, ASCII text
Hash 8693070f0adf83df6bb1cb58b14baf71
d465d54050430256e7faac3a5e5c1c5767fa85e9
3ac43eb1b36509f20c611a6c95cec9101245835a58910dea433c7270e16fecd6
GET /sb/notifications/utility/default/us/blog/Progamerage/flip_icon/16/index.html HTTP/1.1
Host: cdn.yourwebbars.com
User-Agent: Mozilla/5.0 (X11; Linux x86_64; rv:96.0) Gecko/20100101 Firefox/96.0
Accept: */*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
Origin: https://sampsonfornor.blogspot.com
Connection: keep-alive
Referer: https://sampsonfornor.blogspot.com/
Sec-Fetch-Dest: empty
Sec-Fetch-Mode: cors
Sec-Fetch-Site: cross-site
HTTP/2 200 OK
date: Tue, 27 Sep 2022 12:56:35 GMT
content-type: text/html
last-modified: Wed, 09 Feb 2022 11:25:40 GMT
expires: Thu, 31 Dec 2037 23:55:55 GMT
cache-control: public, max-age=315360000
access-control-allow-origin: *
access-control-expose-headers: Date
cf-cache-status: MISS
report-to: {"endpoints":[{"url":"https:\/\/a.nel.cloudflare.com\/report\/v3?s=mstuCyjokaWuOUmWAdNDBH9U2uBOBSVLVpS3z81klrcT3miIU5lMOk3I4v5cDJz6Eu2NR9QvgtXDBjLeqIkCSPzn8aCD1%2BW9L7h%2FgILuoLBouZXJQu5BKxHJGQhw9gaWDcd0JQ8%3D"}],"group":"cf-nel","max_age":604800}
nel: {"success_fraction":0,"report_to":"cf-nel","max_age":604800}
vary: Accept-Encoding
server: cloudflare
cf-ray: 7514666f88ce1bfa-OSL
content-encoding: br
X-Firefox-Spdy: h2
ocsp.pki.goog/gts1c3
200 OK 471 B IP
Hash bfc8c650e23854f708a3dd54fca4393f
b54c061cf5a5306a68112d403471914e839a68c8
84b8c36947944ea94b27e053f2abb944e6951157e256991f8b1523b9cacfe362
POST /gts1c3 HTTP/1.1
Host: ocsp.pki.goog
User-Agent: Mozilla/5.0 (X11; Linux x86_64; rv:96.0) Gecko/20100101 Firefox/96.0
Accept: */*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate
Content-Type: application/ocsp-request
Content-Length: 83
Connection: keep-alive
Pragma: no-cache
Cache-Control: no-cache
HTTP/1.1 200 OK
Content-Type: application/ocsp-response
Date: Tue, 27 Sep 2022 12:56:35 GMT
Cache-Control: public, max-age=14400
Server: ocsp_responder
Content-Length: 471
X-XSS-Protection: 0
X-Frame-Options: SAMEORIGIN
cdn.sb4you1.com/sb/notifications/utility/default/us/blog/Progamerage/flip_icon/16/img/icon.jpg
200 OK 83 kB URL HTTP/2 cdn.sb4you1.com/sb/notifications/utility/default/us/blog/Progamerage/flip_icon/16/img/icon.jpg
IP
File type JPEG image data, Exif standard: [TIFF image data, big-endian, direntries=12, height=821, bps=0, PhotometricIntepretation=RGB, orientation=upper-left, width=1232], progressive, precision 8, 435x290, components 3\012- data
Hash 85f73b8e6875d66c6d73ebdefc72c793
7281bfc203aa9c27601828765ba37b28b79c2476
f2772dd68c9e122cb84b4c535502d3c7034437ca7c053fc781da626cf1a1064f
GET /sb/notifications/utility/default/us/blog/Progamerage/flip_icon/16/img/icon.jpg HTTP/1.1
Host: cdn.sb4you1.com
User-Agent: Mozilla/5.0 (X11; Linux x86_64; rv:96.0) Gecko/20100101 Firefox/96.0
Accept: image/avif,image/webp,*/*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
Connection: keep-alive
Sec-Fetch-Dest: image
Sec-Fetch-Mode: no-cors
Sec-Fetch-Site: cross-site
TE: trailers
HTTP/2 200 OK
date: Tue, 27 Sep 2022 12:56:35 GMT
content-type: image/jpeg
content-length: 82807
last-modified: Tue, 08 Feb 2022 14:25:26 GMT
etag: "62027d56-14377"
expires: Thu, 31 Dec 2037 23:55:55 GMT
cache-control: public, max-age=315360000
access-control-allow-origin: *
access-control-expose-headers: Date
cf-cache-status: HIT
age: 4762329
accept-ranges: bytes
report-to: {"endpoints":[{"url":"https:\/\/a.nel.cloudflare.com\/report\/v3?s=sZ9137Np%2FAm6qkzYqDPOBku9RBekgWLVp15dNVPTUjrdBUDsqF6r5h3ZfDG3%2B4KppRevNAyC66o9uMXXESBVGuP7oIH64Wj9u5BvBA1a6fviDgXLhbIcIL6GoNFYs90zGlM%3D"}],"group":"cf-nel","max_age":604800}
nel: {"success_fraction":0,"report_to":"cf-nel","max_age":604800}
vary: Accept-Encoding
server: cloudflare
cf-ray: 751466742f727786-LHR
alt-svc: h3=":443"; ma=86400, h3-29=":443"; ma=86400
X-Firefox-Spdy: h2
s4.histats.com/stats/0.php?4543018&@f16&@g1&@h1&@i1&@j1664283391831&@k0&@l1&@mWhat%20Is%20Controlled%20By%20The%20Side%20Dial%20On%20A%20Telescopic%20Sight%3F%20-%20Sampson%20Fornor&@n0&@o1000&@q0&@r0&@s0&@ten-US&@u1280&@b1:62860790&@b3:1664283392&@b4:js15_as.js&@b5:0&@a-_0.2.1&@vhttps%3A%2F%2Fsampsonfornor.blogspot.com%2F2022%2F05%2Fwhat-is-controlled-by-side-dial-on.html&@w
200 OK 51 B URL HTTP/1.1 s4.histats.com/stats/0.php?4543018&@f16&@g1&@h1&@i1&@j1664283391831&@k0&@l1&@mWhat%20Is%20Controlled%20By%20The%20Side%20Dial%20On%20A%20Telescopic%20Sight%3F%20-%20Sampson%20Fornor&@n0&@o1000&@q0&@r0&@s0&@ten-US&@u1280&@b1:62860790&@b3:1664283392&@b4:js15_as.js&@b5:0&@a-_0.2.1&@vhttps%3A%2F%2Fsampsonfornor.blogspot.com%2F2022%2F05%2Fwhat-is-controlled-by-side-dial-on.html&@w
IP
File type ASCII text, with no line terminators
Hash ee4221e6186b0edbbe7b38af379e2faf
9136f4e22b42fcb9d5a3e8c62b59d382c9ee28da
33b4397a62ebdc88302c4a5d8f24a5125ad2272998a01fdbe42209504e75125c
GET /stats/0.php?4543018&@f16&@g1&@h1&@i1&@j1664283391831&@k0&@l1&@mWhat%20Is%20Controlled%20By%20The%20Side%20Dial%20On%20A%20Telescopic%20Sight%3F%20-%20Sampson%20Fornor&@n0&@o1000&@q0&@r0&@s0&@ten-US&@u1280&@b1:62860790&@b3:1664283392&@b4:js15_as.js&@b5:0&@a-_0.2.1&@vhttps%3A%2F%2Fsampsonfornor.blogspot.com%2F2022%2F05%2Fwhat-is-controlled-by-side-dial-on.html&@w HTTP/1.1
Host: s4.histats.com
User-Agent: Mozilla/5.0 (X11; Linux x86_64; rv:96.0) Gecko/20100101 Firefox/96.0
Accept: */*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
Connection: keep-alive
Referer: https://sampsonfornor.blogspot.com/
Sec-Fetch-Dest: script
Sec-Fetch-Mode: no-cors
Sec-Fetch-Site: cross-site
HTTP/1.1 200 OK
Date: Tue, 27 Sep 2022 12:56:35 GMT
Content-Type: text/html;charset=UTF-8
Content-Length: 51
Connection: close
e1.o.lencr.org/
200 OK 346 B IP
ASN #20940 Akamai International B.V.
Hash 8e1d1bdba60caa417a7fd246f892767e
896349dbd1f09d917b20b25653d656d555f7578b
9e0efd3fdb74064ce371b5457597d724ff875add6711267cf29d05bb0189b2fd
POST / HTTP/1.1
Host: e1.o.lencr.org
User-Agent: Mozilla/5.0 (X11; Linux x86_64; rv:96.0) Gecko/20100101 Firefox/96.0
Accept: */*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate
Content-Type: application/ocsp-request
Content-Length: 85
Connection: keep-alive
Pragma: no-cache
Cache-Control: no-cache
HTTP/1.1 200 OK
Server: nginx
Content-Type: application/ocsp-response
Content-Length: 346
ETag: "9E0EFD3FDB74064CE371B5457597D724FF875ADD6711267CF29D05BB0189B2FD"
Last-Modified: Mon, 26 Sep 2022 04:00:00 UTC
Cache-Control: public, no-transform, must-revalidate, max-age=4449
Expires: Tue, 27 Sep 2022 14:10:44 GMT
Date: Tue, 27 Sep 2022 12:56:35 GMT
Connection: keep-alive
ocsp.pki.goog/gts1c3
200 OK 471 B IP
Hash bfc8c650e23854f708a3dd54fca4393f
b54c061cf5a5306a68112d403471914e839a68c8
84b8c36947944ea94b27e053f2abb944e6951157e256991f8b1523b9cacfe362
POST /gts1c3 HTTP/1.1
Host: ocsp.pki.goog
User-Agent: Mozilla/5.0 (X11; Linux x86_64; rv:96.0) Gecko/20100101 Firefox/96.0
Accept: */*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate
Content-Type: application/ocsp-request
Content-Length: 83
Connection: keep-alive
Pragma: no-cache
Cache-Control: no-cache
HTTP/1.1 200 OK
Content-Type: application/ocsp-response
Date: Tue, 27 Sep 2022 12:56:35 GMT
Cache-Control: public, max-age=14400
Server: ocsp_responder
Content-Length: 471
X-XSS-Protection: 0
X-Frame-Options: SAMEORIGIN
fonts.googleapis.com/css?family=Roboto:300,400,700&display=swap
200 OK 660 B URL HTTP/2 fonts.googleapis.com/css?family=Roboto:300,400,700&display=swap
IP
Hash 5860c780c8e9daa4f852038f02b5bdc2
c75c8b4db36bffe075ce493f06d011f855d5541a
f11b9f8e851e15c0c6abd53a9994c6dcef78ceeebd0f0b8bbde610fec8332c85
GET /css?family=Roboto:300,400,700&display=swap HTTP/1.1
Host: fonts.googleapis.com
User-Agent: Mozilla/5.0 (X11; Linux x86_64; rv:96.0) Gecko/20100101 Firefox/96.0
Accept: text/css,*/*;q=0.1
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
Connection: keep-alive
Sec-Fetch-Dest: style
Sec-Fetch-Mode: no-cors
Sec-Fetch-Site: cross-site
HTTP/2 200 OK
content-type: text/css; charset=utf-8
access-control-allow-origin: *
timing-allow-origin: *
link: <https://fonts.gstatic.com>; rel=preconnect; crossorigin
strict-transport-security: max-age=31536000
expires: Tue, 27 Sep 2022 12:56:35 GMT
date: Tue, 27 Sep 2022 12:56:35 GMT
cache-control: private, max-age=86400
cross-origin-resource-policy: cross-origin
cross-origin-opener-policy: same-origin-allow-popups
content-encoding: gzip
server: ESF
x-xss-protection: 0
x-frame-options: SAMEORIGIN
x-content-type-options: nosniff
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
X-Firefox-Spdy: h2
kazanwhoeveryowl.com/pixel/sbls?bv=22.33.5038&tmpl=482&u=https%3A%2F%2Fcdn.sb4you1.com%2Fsb%2Fnotifications%2Futility%2Fdefault%2Fus%2Fblog%2FProgamerage%2Fflip_icon%2F16%2Fcss%2Fanimate.css&l=79245&fd=334
200 OK 0 B URL HTTP/1.1 kazanwhoeveryowl.com/pixel/sbls?bv=22.33.5038&tmpl=482&u=https%3A%2F%2Fcdn.sb4you1.com%2Fsb%2Fnotifications%2Futility%2Fdefault%2Fus%2Fblog%2FProgamerage%2Fflip_icon%2F16%2Fcss%2Fanimate.css&l=79245&fd=334
IP
Hash d41d8cd98f00b204e9800998ecf8427e
da39a3ee5e6b4b0d3255bfef95601890afd80709
e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855
Analyzer Verdict Alert quad9 Sinkholed
GET /pixel/sbls?bv=22.33.5038&tmpl=482&u=https%3A%2F%2Fcdn.sb4you1.com%2Fsb%2Fnotifications%2Futility%2Fdefault%2Fus%2Fblog%2FProgamerage%2Fflip_icon%2F16%2Fcss%2Fanimate.css&l=79245&fd=334 HTTP/1.1
Host: kazanwhoeveryowl.com
User-Agent: Mozilla/5.0 (X11; Linux x86_64; rv:96.0) Gecko/20100101 Firefox/96.0
Accept: image/avif,image/webp,*/*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
Connection: keep-alive
Referer: https://sampsonfornor.blogspot.com/
Cookie: u_pl=16598140; uid_id2=3b3fd329-3f72-419c-b7aa-78559d632125:1:1; pdhtkv=true; uncs=1; pdhtkv29=true; uncs29=1; slec44035c191f4c0ed7ba5fb93f9738442c=[3364903]
Sec-Fetch-Dest: image
Sec-Fetch-Mode: no-cors
Sec-Fetch-Site: cross-site
HTTP/1.1 200 OK
Server: nginx/1.19.5
Date: Tue, 27 Sep 2022 12:56:35 GMT
Content-Length: 0
Connection: keep-alive
Expires: Thu, 01 Jan 1970 00:00:01 GMT
Cache-Control: no-cache
Access-Control-Allow-Origin: *
Access-Control-Allow-Methods: GET, POST, OPTIONS
Access-Control-Allow-Headers: DNT,User-Agent,X-Requested-With,If-Modified-Since,Cache-Control,Content-Type,Range,Upgrade-Insecure-Requests
Access-Control-Expose-Headers: Content-Length,Content-Range
cdn.sb4you1.com/sb/notifications/utility/default/us/blog/Progamerage/flip_icon/16/css/style.css
200 OK 2.5 kB URL HTTP/2 cdn.sb4you1.com/sb/notifications/utility/default/us/blog/Progamerage/flip_icon/16/css/style.css
IP
Hash 8f3a4f5cc81ddebb09501e82a8677e67
5928a7eeae41d0fc95fc1cd12245baa57ed7cb61
ab02cb06ea931d32466f575fc6287da35821a67953d71055332b21eae0283447
GET /sb/notifications/utility/default/us/blog/Progamerage/flip_icon/16/css/style.css HTTP/1.1
Host: cdn.sb4you1.com
User-Agent: Mozilla/5.0 (X11; Linux x86_64; rv:96.0) Gecko/20100101 Firefox/96.0
Accept: */*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
Origin: https://sampsonfornor.blogspot.com
Connection: keep-alive
Referer: https://sampsonfornor.blogspot.com/
Sec-Fetch-Dest: empty
Sec-Fetch-Mode: cors
Sec-Fetch-Site: cross-site
HTTP/2 200 OK
date: Tue, 27 Sep 2022 12:56:35 GMT
content-type: text/css
last-modified: Wed, 09 Feb 2022 11:25:27 GMT
etag: W/"6203a4a7-2751"
expires: Thu, 31 Dec 2037 23:55:55 GMT
cache-control: public, max-age=315360000
access-control-allow-origin: *
access-control-expose-headers: Date
cf-cache-status: MISS
report-to: {"endpoints":[{"url":"https:\/\/a.nel.cloudflare.com\/report\/v3?s=b3hyv3uDsnExfCVhPDberUyeDA8ZJg%2FJ8mC2AOzu7tJTThNjYShRZ68ACL94OjyuwWaWpnpr1ViziEDPzw9Oid%2B4XQtk%2BHOPS9MzZiKUw0u1yOdmMJjneDqtKbnGadqpWwE%3D"}],"group":"cf-nel","max_age":604800}
nel: {"success_fraction":0,"report_to":"cf-nel","max_age":604800}
vary: Accept-Encoding
server: cloudflare
cf-ray: 75146673eef67786-LHR
content-encoding: br
alt-svc: h3=":443"; ma=86400, h3-29=":443"; ma=86400
X-Firefox-Spdy: h2
kazanwhoeveryowl.com/impr.gif?sid=H4sIAAAAAAAC%2F1RS32tcRRid2%2BRB8EkpgoqygqCC2dy7dze7ax%2BKNUaKaVNaxb7p%2FLqbMXPvXGbm7t0EH4rF0sf1P7g5mzRUiyj4atFNoQ8BoetTHsz%2FIIWCoCC7Da5%2BMHzfmXMezndmbu0WJyREQY9XL5kdpTVdbtXD2pvXo%2BhcbV1lxaA26Kx8utI8V7P9d7or9fCt2geSb5nlRhiFYRRGtTVlZWIGy1MSKr%2FXjerdsN5s1KNWEwP7f%2ByKAI4GEP0T8jyUmCw%2BCM5C8TGy9PtV6ba8yd9%2BPy009caiLw4%2BzrYyU2ZI52NiAyTZwakaxj1auw%2BT7c%2FswvT%2FFTI1IcHD%2B2DZwalJsP7ezCfTkBmYeBZlfwypx1B0DG5uQolHBOAClzeQpXcuG1vS7acsnbITsvjkMVQ5IYu%2Fn0WWfndBq0HtmtGFVyZzGCQV1GAM1RsjLw7hd85AlYfg%2Fkso8StZfrKOLN3bcNpAiePXYxYnIm50l%2BKk3VhqRl2%2BxNqULrU7rVZXrMSNqNGaBaTUGCoZQ8shqAtQTI8KUCQBijxAKo5rPIqidig4DTtdzmPRlmxFhBFtJxGNwpUOCj7dYQifD8H1ENzeQG5vYEsNYYuf4TYrOBHAeYK%2BqFBKgtIRlJSgVASlJyj71b7QruGqO0K7gkWnvXHa42pkfG%2BX7hvfkxnZzU%2FIc7Pg%2Fl79AlvyuNZshnGLR90oafJQijajrYR146TbjjvNZoPDqQrKnZmtuaMm5IVfXkauJmRx408weginD8HVAmjxCmg5ajdC0M1RsxNiJzt%2BbdOU3pRWeek3lfXbierLOtOm53Lj69ykEKZC7hfht4NdfUJenLmLr78ByY%2FOf8YuTf64%2Bxe4rZDbCp%2BrBwQ9fXt01ZRk76opHflhI%2FcqVTt0%2BuTXPPVy4ZsP5XZprLi46oZ33%2BVTYjre%2B0g6v04zobKeI99eUEJIu2Ysl%2BSni%2B4Tya4UbvNCYbMiX7%2Fy3trFNLfSOWWyMaiaEPLwCFxNyDM%2F7s9%2B80tf3YKyY9iiQlockdOCMofg%2BQ24fO7fmQVYPdewPEBZVCPbYPNLrQi0nGPKKrj%2FYDafd91t9OyroP4msrRC31bo6wpUD%2BGKhZHP7dH53%2BJZgelgxLQN9pi2%2Buun4Tp1XItD0WYykW0mm61mIrlgrRYLecJZLDodDu8mvPH4zD8AAAD%2F%2FwEAAP%2F%2Fui5SBpgEAAA%3D
200 OK 7 B URL HTTP/1.1 kazanwhoeveryowl.com/impr.gif?sid=H4sIAAAAAAAC%2F1RS32tcRRid2%2BRB8EkpgoqygqCC2dy7dze7ax%2BKNUaKaVNaxb7p%2FLqbMXPvXGbm7t0EH4rF0sf1P7g5mzRUiyj4atFNoQ8BoetTHsz%2FIIWCoCC7Da5%2BMHzfmXMezndmbu0WJyREQY9XL5kdpTVdbtXD2pvXo%2BhcbV1lxaA26Kx8utI8V7P9d7or9fCt2geSb5nlRhiFYRRGtTVlZWIGy1MSKr%2FXjerdsN5s1KNWEwP7f%2ByKAI4GEP0T8jyUmCw%2BCM5C8TGy9PtV6ba8yd9%2BPy009caiLw4%2BzrYyU2ZI52NiAyTZwakaxj1auw%2BT7c%2FswvT%2FFTI1IcHD%2B2DZwalJsP7ezCfTkBmYeBZlfwypx1B0DG5uQolHBOAClzeQpXcuG1vS7acsnbITsvjkMVQ5IYu%2Fn0WWfndBq0HtmtGFVyZzGCQV1GAM1RsjLw7hd85AlYfg%2Fkso8StZfrKOLN3bcNpAiePXYxYnIm50l%2BKk3VhqRl2%2BxNqULrU7rVZXrMSNqNGaBaTUGCoZQ8shqAtQTI8KUCQBijxAKo5rPIqidig4DTtdzmPRlmxFhBFtJxGNwpUOCj7dYQifD8H1ENzeQG5vYEsNYYuf4TYrOBHAeYK%2BqFBKgtIRlJSgVASlJyj71b7QruGqO0K7gkWnvXHa42pkfG%2BX7hvfkxnZzU%2FIc7Pg%2Fl79AlvyuNZshnGLR90oafJQijajrYR146TbjjvNZoPDqQrKnZmtuaMm5IVfXkauJmRx408weginD8HVAmjxCmg5ajdC0M1RsxNiJzt%2BbdOU3pRWeek3lfXbierLOtOm53Lj69ykEKZC7hfht4NdfUJenLmLr78ByY%2FOf8YuTf64%2Bxe4rZDbCp%2BrBwQ9fXt01ZRk76opHflhI%2FcqVTt0%2BuTXPPVy4ZsP5XZprLi46oZ33%2BVTYjre%2B0g6v04zobKeI99eUEJIu2Ysl%2BSni%2B4Tya4UbvNCYbMiX7%2Fy3trFNLfSOWWyMaiaEPLwCFxNyDM%2F7s9%2B80tf3YKyY9iiQlockdOCMofg%2BQ24fO7fmQVYPdewPEBZVCPbYPNLrQi0nGPKKrj%2FYDafd91t9OyroP4msrRC31bo6wpUD%2BGKhZHP7dH53%2BJZgelgxLQN9pi2%2Buun4Tp1XItD0WYykW0mm61mIrlgrRYLecJZLDodDu8mvPH4zD8AAAD%2F%2FwEAAP%2F%2Fui5SBpgEAAA%3D
IP
File type ASCII text, with no line terminators
Hash 132d6af1b46048b45cf86cdee7991d31
eb7007d03d59b65bc6da7e098c4d38fc6dfb6285
ab852e838deccd742a03ca81d4a8d75cf1a00b327db3eaf46bd7da6b6db9384c
Analyzer Verdict Alert quad9 Sinkholed
GET /impr.gif?sid=H4sIAAAAAAAC%2F1RS32tcRRid2%2BRB8EkpgoqygqCC2dy7dze7ax%2BKNUaKaVNaxb7p%2FLqbMXPvXGbm7t0EH4rF0sf1P7g5mzRUiyj4atFNoQ8BoetTHsz%2FIIWCoCC7Da5%2BMHzfmXMezndmbu0WJyREQY9XL5kdpTVdbtXD2pvXo%2BhcbV1lxaA26Kx8utI8V7P9d7or9fCt2geSb5nlRhiFYRRGtTVlZWIGy1MSKr%2FXjerdsN5s1KNWEwP7f%2ByKAI4GEP0T8jyUmCw%2BCM5C8TGy9PtV6ba8yd9%2BPy009caiLw4%2BzrYyU2ZI52NiAyTZwakaxj1auw%2BT7c%2FswvT%2FFTI1IcHD%2B2DZwalJsP7ezCfTkBmYeBZlfwypx1B0DG5uQolHBOAClzeQpXcuG1vS7acsnbITsvjkMVQ5IYu%2Fn0WWfndBq0HtmtGFVyZzGCQV1GAM1RsjLw7hd85AlYfg%2Fkso8StZfrKOLN3bcNpAiePXYxYnIm50l%2BKk3VhqRl2%2BxNqULrU7rVZXrMSNqNGaBaTUGCoZQ8shqAtQTI8KUCQBijxAKo5rPIqidig4DTtdzmPRlmxFhBFtJxGNwpUOCj7dYQifD8H1ENzeQG5vYEsNYYuf4TYrOBHAeYK%2BqFBKgtIRlJSgVASlJyj71b7QruGqO0K7gkWnvXHa42pkfG%2BX7hvfkxnZzU%2FIc7Pg%2Fl79AlvyuNZshnGLR90oafJQijajrYR146TbjjvNZoPDqQrKnZmtuaMm5IVfXkauJmRx408weginD8HVAmjxCmg5ajdC0M1RsxNiJzt%2BbdOU3pRWeek3lfXbierLOtOm53Lj69ykEKZC7hfht4NdfUJenLmLr78ByY%2FOf8YuTf64%2Bxe4rZDbCp%2BrBwQ9fXt01ZRk76opHflhI%2FcqVTt0%2BuTXPPVy4ZsP5XZprLi46oZ33%2BVTYjre%2B0g6v04zobKeI99eUEJIu2Ysl%2BSni%2B4Tya4UbvNCYbMiX7%2Fy3trFNLfSOWWyMaiaEPLwCFxNyDM%2F7s9%2B80tf3YKyY9iiQlockdOCMofg%2BQ24fO7fmQVYPdewPEBZVCPbYPNLrQi0nGPKKrj%2FYDafd91t9OyroP4msrRC31bo6wpUD%2BGKhZHP7dH53%2BJZgelgxLQN9pi2%2Buun4Tp1XItD0WYykW0mm61mIrlgrRYLecJZLDodDu8mvPH4zD8AAAD%2F%2FwEAAP%2F%2Fui5SBpgEAAA%3D HTTP/1.1
Host: kazanwhoeveryowl.com
User-Agent: Mozilla/5.0 (X11; Linux x86_64; rv:96.0) Gecko/20100101 Firefox/96.0
Accept: image/avif,image/webp,*/*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
Connection: keep-alive
Referer: https://sampsonfornor.blogspot.com/
Cookie: u_pl=16598140; uid_id2=3b3fd329-3f72-419c-b7aa-78559d632125:1:1; pdhtkv=true; uncs=1; pdhtkv29=true; uncs29=1; slec44035c191f4c0ed7ba5fb93f9738442c=[3364903]
Sec-Fetch-Dest: image
Sec-Fetch-Mode: no-cors
Sec-Fetch-Site: cross-site
HTTP/1.1 200 OK
Server: nginx/1.19.5
Date: Tue, 27 Sep 2022 12:56:35 GMT
Content-Type: image/gif
Content-Length: 7
Connection: keep-alive
P3P: CP="IDC DSP COR ADM DEVi TAIi PSA PSD IVAi IVDi CONi HIS OUR IND CNT"
Accept-CH: Device-Stock-UA,Sec-CH-UA-Full-Version-ListSec-CH-UA-MobileSec-CH-UA-Platform,Sec-CH-UA-Mobile,Sec-CH-UA-Platform,Sec-CH-UA-PlatformSec-CH-UA-ModelSec-CH-UA-Mobile,Sec-CH-UA-PlatformSec-CH-UA-Platform-Version,Sec-CH-UASec-CH-UA-MobileSec-CH-UA-Platform,User-Agent,X-Device-User-Agent,X-OperaMini-Phone-UA,X-UCBrowser-Device-UA
Expires: Thu, 01 Jan 1970 00:00:01 GMT
Cache-Control: no-cache
X-Request-ID: 954308d033e8e61de7c9d61704411c5e
Strict-Transport-Security: max-age=0; includeSubdomains
kazanwhoeveryowl.com/pixel/sbs?c=1
200 OK 0 B URL HTTP/1.1 kazanwhoeveryowl.com/pixel/sbs?c=1
IP
Hash d41d8cd98f00b204e9800998ecf8427e
da39a3ee5e6b4b0d3255bfef95601890afd80709
e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855
Analyzer Verdict Alert quad9 Sinkholed
GET /pixel/sbs?c=1 HTTP/1.1
Host: kazanwhoeveryowl.com
User-Agent: Mozilla/5.0 (X11; Linux x86_64; rv:96.0) Gecko/20100101 Firefox/96.0
Accept: image/avif,image/webp,*/*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
Connection: keep-alive
Referer: https://sampsonfornor.blogspot.com/
Cookie: u_pl=16598140; uid_id2=3b3fd329-3f72-419c-b7aa-78559d632125:1:1; pdhtkv=true; uncs=1; pdhtkv29=true; uncs29=1; slec44035c191f4c0ed7ba5fb93f9738442c=[3364903]
Sec-Fetch-Dest: image
Sec-Fetch-Mode: no-cors
Sec-Fetch-Site: cross-site
HTTP/1.1 200 OK
Server: nginx/1.19.5
Date: Tue, 27 Sep 2022 12:56:35 GMT
Content-Length: 0
Connection: keep-alive
Expires: Thu, 01 Jan 1970 00:00:01 GMT
Cache-Control: no-cache
Access-Control-Allow-Origin: *
Access-Control-Allow-Methods: GET, POST, OPTIONS
Access-Control-Allow-Headers: DNT,User-Agent,X-Requested-With,If-Modified-Since,Cache-Control,Content-Type,Range,Upgrade-Insecure-Requests
Access-Control-Expose-Headers: Content-Length,Content-Range
r3.o.lencr.org/
200 OK 503 B IP
ASN #20940 Akamai International B.V.
Hash 1ebeebe5fed09a67757839c68f1a91cf
9954e597f870a2b3f370c5ee8320b7c6fd5229e6
c60ff1191fcf953826fae154177629d126e90abec9b881dc89eedfae696b8ba5
POST / HTTP/1.1
Host: r3.o.lencr.org
User-Agent: Mozilla/5.0 (X11; Linux x86_64; rv:96.0) Gecko/20100101 Firefox/96.0
Accept: */*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate
Content-Type: application/ocsp-request
Content-Length: 85
Connection: keep-alive
Pragma: no-cache
Cache-Control: no-cache
HTTP/1.1 200 OK
Server: nginx
Content-Type: application/ocsp-response
Content-Length: 503
ETag: "C60FF1191FCF953826FAE154177629D126E90ABEC9B881DC89EEDFAE696B8BA5"
Last-Modified: Mon, 26 Sep 2022 20:00:00 UTC
Cache-Control: public, no-transform, must-revalidate, max-age=3751
Expires: Tue, 27 Sep 2022 13:59:06 GMT
Date: Tue, 27 Sep 2022 12:56:35 GMT
Connection: keep-alive
unseenreport.com/pxf.gif?uuid=caf5311b-bf49-4173-920a-f0c2c46bd0c7&eb=afa55bd8bbaeee6cbf2f0b21fb513961&te=9e4947f35751465411fd1a4f5c358c78&ua=Mozilla%2F5.0%20(X11%3B%20Linux%20x86_64%3B%20rv%3A96.0)%20Gecko%2F20100101%20Firefox%2F96.0&dev=r&res=14.31&b_frame=0&pk=44035c191f4c0ed7ba5fb93f9738442c&bl=en-US&sr=1002x1280&sz=1024x1280&hjs=12
200 OK 1 B URL HTTP/1.1 unseenreport.com/pxf.gif?uuid=caf5311b-bf49-4173-920a-f0c2c46bd0c7&eb=afa55bd8bbaeee6cbf2f0b21fb513961&te=9e4947f35751465411fd1a4f5c358c78&ua=Mozilla%2F5.0%20(X11%3B%20Linux%20x86_64%3B%20rv%3A96.0)%20Gecko%2F20100101%20Firefox%2F96.0&dev=r&res=14.31&b_frame=0&pk=44035c191f4c0ed7ba5fb93f9738442c&bl=en-US&sr=1002x1280&sz=1024x1280&hjs=12
IP
ASN #39572 DataWeb Global Group B.V.
File type very short file (no magic)
Hash 93b885adfe0da089cdf634904fd59f71
5ba93c9db0cff93f52b521d7420e43f6eda2784f
6e340b9cffb37a989ca544e6bb780a2c78901d3fb33738768511a30617afa01d
Analyzer Verdict Alert quad9 Sinkholed
GET /pxf.gif?uuid=caf5311b-bf49-4173-920a-f0c2c46bd0c7&eb=afa55bd8bbaeee6cbf2f0b21fb513961&te=9e4947f35751465411fd1a4f5c358c78&ua=Mozilla%2F5.0%20(X11%3B%20Linux%20x86_64%3B%20rv%3A96.0)%20Gecko%2F20100101%20Firefox%2F96.0&dev=r&res=14.31&b_frame=0&pk=44035c191f4c0ed7ba5fb93f9738442c&bl=en-US&sr=1002x1280&sz=1024x1280&hjs=12 HTTP/1.1
Host: unseenreport.com
User-Agent: Mozilla/5.0 (X11; Linux x86_64; rv:96.0) Gecko/20100101 Firefox/96.0
Accept: image/avif,image/webp,*/*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
Connection: keep-alive
Referer: https://sampsonfornor.blogspot.com/
Sec-Fetch-Dest: image
Sec-Fetch-Mode: no-cors
Sec-Fetch-Site: cross-site
HTTP/1.1 200 OK
Server: nginx/1.17.6
Date: Tue, 27 Sep 2022 12:56:35 GMT
Content-Type: image/gif
Content-Length: 1
Connection: keep-alive
P3P: CP="IDC DSP COR ADM DEVi TAIi PSA PSD IVAi IVDi CONi HIS OUR IND CNT"
Access-Control-Allow-Origin: *
Expires: Thu, 01 Jan 1970 00:00:01 GMT
Cache-Control: no-cache
X-Request-ID: 6ef2c5cbe116f1db6d73e6aaf38c15eb
Strict-Transport-Security: max-age=0; includeSubdomains
unseenreport.com/pxf.gif?uuid=caf5311b-bf49-4173-920a-f0c2c46bd0c7&eb=afa55bd8bbaeee6cbf2f0b21fb513961&te=9e4947f35751465411fd1a4f5c358c78&ua=Mozilla%2F5.0%20(X11%3B%20Linux%20x86_64%3B%20rv%3A96.0)%20Gecko%2F20100101%20Firefox%2F96.0&dev=r&res=14.31&b_frame=0&pk=65aa283021630dfd9030555c4c61a78c&bl=en-US&sr=1002x1280&sz=1024x1280&hjs=12
200 OK 1 B URL HTTP/1.1 unseenreport.com/pxf.gif?uuid=caf5311b-bf49-4173-920a-f0c2c46bd0c7&eb=afa55bd8bbaeee6cbf2f0b21fb513961&te=9e4947f35751465411fd1a4f5c358c78&ua=Mozilla%2F5.0%20(X11%3B%20Linux%20x86_64%3B%20rv%3A96.0)%20Gecko%2F20100101%20Firefox%2F96.0&dev=r&res=14.31&b_frame=0&pk=65aa283021630dfd9030555c4c61a78c&bl=en-US&sr=1002x1280&sz=1024x1280&hjs=12
IP
ASN #39572 DataWeb Global Group B.V.
File type very short file (no magic)
Hash 93b885adfe0da089cdf634904fd59f71
5ba93c9db0cff93f52b521d7420e43f6eda2784f
6e340b9cffb37a989ca544e6bb780a2c78901d3fb33738768511a30617afa01d
Analyzer Verdict Alert quad9 Sinkholed
GET /pxf.gif?uuid=caf5311b-bf49-4173-920a-f0c2c46bd0c7&eb=afa55bd8bbaeee6cbf2f0b21fb513961&te=9e4947f35751465411fd1a4f5c358c78&ua=Mozilla%2F5.0%20(X11%3B%20Linux%20x86_64%3B%20rv%3A96.0)%20Gecko%2F20100101%20Firefox%2F96.0&dev=r&res=14.31&b_frame=0&pk=65aa283021630dfd9030555c4c61a78c&bl=en-US&sr=1002x1280&sz=1024x1280&hjs=12 HTTP/1.1
Host: unseenreport.com
User-Agent: Mozilla/5.0 (X11; Linux x86_64; rv:96.0) Gecko/20100101 Firefox/96.0
Accept: image/avif,image/webp,*/*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
Connection: keep-alive
Referer: https://sampsonfornor.blogspot.com/
Sec-Fetch-Dest: image
Sec-Fetch-Mode: no-cors
Sec-Fetch-Site: cross-site
HTTP/1.1 200 OK
Server: nginx/1.17.6
Date: Tue, 27 Sep 2022 12:56:35 GMT
Content-Type: image/gif
Content-Length: 1
Connection: keep-alive
P3P: CP="IDC DSP COR ADM DEVi TAIi PSA PSD IVAi IVDi CONi HIS OUR IND CNT"
Access-Control-Allow-Origin: *
Expires: Thu, 01 Jan 1970 00:00:01 GMT
Cache-Control: no-cache
X-Request-ID: acd3f231623bb4d5e17af788f3a3f394
Strict-Transport-Security: max-age=0; includeSubdomains
addresseepaper.com/sfp.js
200 OK 0 B URL HTTP/2 addresseepaper.com/sfp.js
IP
GET /sfp.js HTTP/1.1
Host: addresseepaper.com
User-Agent: Mozilla/5.0 (X11; Linux x86_64; rv:96.0) Gecko/20100101 Firefox/96.0
Accept: */*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
Connection: keep-alive
Referer: https://sampsonfornor.blogspot.com/
Sec-Fetch-Dest: script
Sec-Fetch-Mode: no-cors
Sec-Fetch-Site: cross-site
HTTP/2 200 OK
date: Tue, 27 Sep 2022 12:56:34 GMT
content-type: application/javascript; charset=utf-8
p3p: CP="IDC DSP COR ADM DEVi TAIi PSA PSD IVAi IVDi CONi HIS OUR IND CNT"
access-control-allow-origin: *
expires: Thu, 01 Jan 1970 00:00:01 GMT
cache-control: max-age=14400
x-request-id: f245bd292dd09f4662d72f42a9541edf
strict-transport-security: max-age=0; includeSubdomains
cf-cache-status: EXPIRED
last-modified: Tue, 27 Sep 2022 12:56:34 GMT
report-to: {"endpoints":[{"url":"https:\/\/a.nel.cloudflare.com\/report\/v3?s=dr2Y3vBnigAQOzsd6yr9MrRBFpONzLwqUJSw9clfV1JH5OQs6pLQw9p29Wiq30xYHBHIsGslaFcCprAQwb8u9dTRBSgC%2FEK6lyjZUy2zEkvXtswj4Loaf5hSjypy81a4b2q5PhQ%3D"}],"group":"cf-nel","max_age":604800}
nel: {"success_fraction":0,"report_to":"cf-nel","max_age":604800}
vary: Accept-Encoding
server: cloudflare
cf-ray: 7514667009b1768f-LHR
content-encoding: br
alt-svc: h3=":443"; ma=86400, h3-29=":443"; ma=86400
X-Firefox-Spdy: h2
cdn.sb4you1.com/sb/notifications/utility/default/us/blog/Progamerage/flip_icon/16/css/animate.css
200 OK 0 B URL HTTP/2 cdn.sb4you1.com/sb/notifications/utility/default/us/blog/Progamerage/flip_icon/16/css/animate.css
IP
GET /sb/notifications/utility/default/us/blog/Progamerage/flip_icon/16/css/animate.css HTTP/1.1
Host: cdn.sb4you1.com
User-Agent: Mozilla/5.0 (X11; Linux x86_64; rv:96.0) Gecko/20100101 Firefox/96.0
Accept: */*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
Origin: https://sampsonfornor.blogspot.com
Connection: keep-alive
Referer: https://sampsonfornor.blogspot.com/
Sec-Fetch-Dest: empty
Sec-Fetch-Mode: cors
Sec-Fetch-Site: cross-site
HTTP/2 200 OK
date: Tue, 27 Sep 2022 12:56:35 GMT
content-type: text/css
last-modified: Mon, 17 Jan 2022 14:25:59 GMT
etag: W/"61e57c77-1358d"
expires: Thu, 31 Dec 2037 23:55:55 GMT
cache-control: public, max-age=315360000
access-control-allow-origin: *
access-control-expose-headers: Date
cf-cache-status: MISS
report-to: {"endpoints":[{"url":"https:\/\/a.nel.cloudflare.com\/report\/v3?s=fLur76pZATVlxSye3dVp5LW4DnwhEiyOEYX2chQCzNV0IKMUCrivK3fMFkX8%2FbEbkpy%2BdHO6YHNVejIs364R3L1ShRYAaY6t1ik86e96O%2BV%2B6Xt4IkkEZFKaxDM6R94mXnY%3D"}],"group":"cf-nel","max_age":604800}
nel: {"success_fraction":0,"report_to":"cf-nel","max_age":604800}
vary: Accept-Encoding
server: cloudflare
cf-ray: 75146673eefb7786-LHR
content-encoding: br
alt-svc: h3=":443"; ma=86400, h3-29=":443"; ma=86400
X-Firefox-Spdy: h2
www.blogger.com/comment/frame/7253118958113904302?po=8536809401974607767&hl=en&skin=contempo&blogspotRpcToken=7944793
200 OK 0 B URL HTTP/2 www.blogger.com/comment/frame/7253118958113904302?po=8536809401974607767&hl=en&skin=contempo&blogspotRpcToken=7944793
IP
GET /comment/frame/7253118958113904302?po=8536809401974607767&hl=en&skin=contempo&blogspotRpcToken=7944793 HTTP/1.1
Host: www.blogger.com
User-Agent: Mozilla/5.0 (X11; Linux x86_64; rv:96.0) Gecko/20100101 Firefox/96.0
Accept: text/html,application/xhtml+xml,application/xml;q=0.9,image/avif,image/webp,*/*;q=0.8
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
Connection: keep-alive
Referer: https://sampsonfornor.blogspot.com/
Upgrade-Insecure-Requests: 1
Sec-Fetch-Dest: iframe
Sec-Fetch-Mode: navigate
Sec-Fetch-Site: cross-site
TE: trailers
HTTP/2 200 OK
content-type: text/html; charset=utf-8
vary: Sec-Fetch-Dest, Sec-Fetch-Mode, Sec-Fetch-Site
x-ua-compatible: IE=edge
cache-control: no-cache, no-store, max-age=0, must-revalidate
pragma: no-cache
expires: Mon, 01 Jan 1990 00:00:00 GMT
date: Tue, 27 Sep 2022 12:56:31 GMT
p3p: CP="This is not a P3P policy! See g.co/p3phelp for more info."
content-security-policy: script-src 'nonce-n7mfkIKpNiF3TB-NMZICvA' 'unsafe-inline';object-src 'none';base-uri 'self';report-uri /_/BloggerCommentUi/cspreport;worker-src 'self', script-src 'unsafe-inline' 'self' https://apis.google.com https://ssl.gstatic.com https://www.google.com https://www.gstatic.com https://www.google-analytics.com;report-uri /_/BloggerCommentUi/cspreport/allowlist, require-trusted-types-for 'script';report-uri /_/BloggerCommentUi/cspreport
accept-ch: Sec-CH-UA-Arch, Sec-CH-UA-Bitness, Sec-CH-UA-Full-Version, Sec-CH-UA-Full-Version-List, Sec-CH-UA-Model, Sec-CH-UA-WoW64, Sec-CH-UA-Platform, Sec-CH-UA-Platform-Version
cross-origin-resource-policy: same-site
cross-origin-opener-policy: same-origin
permissions-policy: ch-ua-arch=*, ch-ua-bitness=*, ch-ua-full-version=*, ch-ua-full-version-list=*, ch-ua-model=*, ch-ua-wow64=*, ch-ua-platform=*, ch-ua-platform-version=*
content-encoding: gzip
server: ESF
x-xss-protection: 0
x-content-type-options: nosniff
set-cookie: NID=511=XzVDwDRJ464YUkBIGNZqoLnUM28vGIW7eI2Lvvlqar2ggKgdVv7Urnn0PEyVIW10SbA7o-6m9jJmibP31lP8Vq_-91Gep5e7MARygFTOlei5ylQGR78hvUr9ZoF52e2mQ8DR_z_AHH1A8UZt3AkrS23TUqOYwp64slG86MDb_JE; expires=Wed, 29-Mar-2023 12:56:31 GMT; path=/; domain=.blogger.com; Secure; HttpOnly
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
X-Firefox-Spdy: h2
pop.dojo.cc/5832.js
200 OK 0 B IP
GET /5832.js HTTP/1.1
Host: pop.dojo.cc
User-Agent: Mozilla/5.0 (X11; Linux x86_64; rv:96.0) Gecko/20100101 Firefox/96.0
Accept: */*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
Referer: https://sampsonfornor.blogspot.com/
Connection: keep-alive
Sec-Fetch-Dest: script
Sec-Fetch-Mode: no-cors
Sec-Fetch-Site: cross-site
HTTP/2 200 OK
date: Tue, 27 Sep 2022 12:56:32 GMT
content-type: application/javascript; charset=utf-8
vary: Accept-Encoding
cache-control: no-cache, private
x-frame-options: SAMEORIGIN
x-xss-protection: 1; mode=block
x-content-type-options: nosniff
cf-cache-status: BYPASS
report-to: {"endpoints":[{"url":"https:\/\/a.nel.cloudflare.com\/report\/v3?s=4QAo1tbt%2F7%2B02dQo%2F2E%2Fs3VszHdPd%2BflxaGssIBa5ce%2Bgs7ePbmoIe0wfxtejCz%2BqVGDbO2PlsOqwXFwVRZ4c%2FF%2F24Q3cPQyLqnt1XGYkxGPCozlaJXuKHWLdZ8POg%3D%3D"}],"group":"cf-nel","max_age":604800}
nel: {"success_fraction":0,"report_to":"cf-nel","max_age":604800}
server: cloudflare
cf-ray: 751466617fa90b06-OSL
content-encoding: br
alt-svc: h3=":443"; ma=86400, h3-29=":443"; ma=86400
X-Firefox-Spdy: h2
creepingbrings.com/sfp.js
200 OK 0 B URL HTTP/2 creepingbrings.com/sfp.js
IP
GET /sfp.js HTTP/1.1
Host: creepingbrings.com
User-Agent: Mozilla/5.0 (X11; Linux x86_64; rv:96.0) Gecko/20100101 Firefox/96.0
Accept: */*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
Connection: keep-alive
Referer: https://sampsonfornor.blogspot.com/
Sec-Fetch-Dest: script
Sec-Fetch-Mode: no-cors
Sec-Fetch-Site: cross-site
HTTP/2 200 OK
date: Tue, 27 Sep 2022 12:56:33 GMT
content-type: application/javascript; charset=utf-8
p3p: CP="IDC DSP COR ADM DEVi TAIi PSA PSD IVAi IVDi CONi HIS OUR IND CNT"
access-control-allow-origin: *
expires: Thu, 01 Jan 1970 00:00:01 GMT
cache-control: max-age=14400
x-request-id: f4ef5969c11030d96c22bbae13ba1f81
strict-transport-security: max-age=0; includeSubdomains
cf-cache-status: EXPIRED
last-modified: Tue, 27 Sep 2022 12:56:33 GMT
report-to: {"endpoints":[{"url":"https:\/\/a.nel.cloudflare.com\/report\/v3?s=mOFurs2HdRA8i9vrToqfkR0ba%2BATrGFg10I1nL9A7IUVlu%2FEDO6eHKAQDtG785h55CWdGdeLqAihTJH7%2BACFA6h9p2i4t3a8JUJfg%2Bhj2PrFaCilBXF%2FuCjnVgW%2B3BEeBzOB6jU%3D"}],"group":"cf-nel","max_age":604800}
nel: {"success_fraction":0,"report_to":"cf-nel","max_age":604800}
vary: Accept-Encoding
server: cloudflare
cf-ray: 75146667182a770b-LHR
content-encoding: br
alt-svc: h3=":443"; ma=86400, h3-29=":443"; ma=86400
X-Firefox-Spdy: h2
cdn.sb4you1.com/sb/notifications/utility/default/us/blog/Progamerage/flip_icon/16/img/close.svg
200 OK 0 B URL HTTP/2 cdn.sb4you1.com/sb/notifications/utility/default/us/blog/Progamerage/flip_icon/16/img/close.svg
IP
GET /sb/notifications/utility/default/us/blog/Progamerage/flip_icon/16/img/close.svg HTTP/1.1
Host: cdn.sb4you1.com
User-Agent: Mozilla/5.0 (X11; Linux x86_64; rv:96.0) Gecko/20100101 Firefox/96.0
Accept: image/avif,image/webp,*/*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
Connection: keep-alive
Sec-Fetch-Dest: image
Sec-Fetch-Mode: no-cors
Sec-Fetch-Site: cross-site
TE: trailers
HTTP/2 200 OK
date: Tue, 27 Sep 2022 12:56:35 GMT
content-type: image/svg+xml
last-modified: Mon, 17 Jan 2022 14:26:00 GMT
etag: W/"61e57c78-415"
expires: Thu, 31 Dec 2037 23:55:55 GMT
cache-control: public, max-age=315360000
access-control-allow-origin: *
access-control-expose-headers: Date
cf-cache-status: HIT
age: 2166413
report-to: {"endpoints":[{"url":"https:\/\/a.nel.cloudflare.com\/report\/v3?s=dkfxS3v%2FMz3RC%2BLgmnsWUb4CFH6OelNYYlrICxZNyBMimGUFjSgpH%2BmDRssQwYuFjwrR16wB8lGPW%2BC1sMLPQWERjmlOwHj52q6jxBy4rmZEp5Z6akVVNVusEbOoVMvetuU%3D"}],"group":"cf-nel","max_age":604800}
nel: {"success_fraction":0,"report_to":"cf-nel","max_age":604800}
vary: Accept-Encoding
server: cloudflare
cf-ray: 751466742f717786-LHR
content-encoding: br
alt-svc: h3=":443"; ma=86400, h3-29=":443"; ma=86400
X-Firefox-Spdy: h2
cdn.sb4you1.com/sb/notifications/utility/default/us/blog/Progamerage/flip_icon/16/js/script.js
200 OK 0 B URL HTTP/2 cdn.sb4you1.com/sb/notifications/utility/default/us/blog/Progamerage/flip_icon/16/js/script.js
IP
GET /sb/notifications/utility/default/us/blog/Progamerage/flip_icon/16/js/script.js HTTP/1.1
Host: cdn.sb4you1.com
User-Agent: Mozilla/5.0 (X11; Linux x86_64; rv:96.0) Gecko/20100101 Firefox/96.0
Accept: */*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
Origin: https://sampsonfornor.blogspot.com
Connection: keep-alive
Referer: https://sampsonfornor.blogspot.com/
Sec-Fetch-Dest: empty
Sec-Fetch-Mode: cors
Sec-Fetch-Site: cross-site
HTTP/2 200 OK
date: Tue, 27 Sep 2022 12:56:35 GMT
content-type: application/javascript
last-modified: Mon, 17 Jan 2022 14:40:54 GMT
etag: W/"61e57ff6-1e8"
expires: Thu, 31 Dec 2037 23:55:55 GMT
cache-control: public, max-age=315360000
access-control-allow-origin: *
access-control-expose-headers: Date
cf-cache-status: MISS
report-to: {"endpoints":[{"url":"https:\/\/a.nel.cloudflare.com\/report\/v3?s=%2BdK%2BFG1smb6vph2W5jh0Od72iFz37VTHCSZbcDsYo1If0EI6EcUjAOwVsBL8PcqWyLaWk8ApQGoH9%2BqdvsPzGic4ixgrB0sF%2BUzIlSMKY%2BlhbKB3K3rJ8i2Qd6ov2qPtcI8%3D"}],"group":"cf-nel","max_age":604800}
nel: {"success_fraction":0,"report_to":"cf-nel","max_age":604800}
vary: Accept-Encoding
server: cloudflare
cf-ray: 75146673eeff7786-LHR
content-encoding: br
alt-svc: h3=":443"; ma=86400, h3-29=":443"; ma=86400
X-Firefox-Spdy: h2
142.250.74.161
23.36.76.226
203.175.9.27
46.105.201.240
93.184.220.29
52.29.95.124
192.99.8.28
0.0.0.0